Method of scanning SSL vulnerability with nmap on Linux system

Time:2021-11-24

Download nmap 6.45 or above. If you would rather not reinstall, you can download the ssl-heartbleed.nse script directly.

The specific steps for using nmap 6.45 to scan a server for the Heartbleed vulnerability are as follows:

Of course, you have to install nmap first. You can find it with an online search.

When running nmap, specify the ssl-heartbleed.nse script for the scan. The command is as follows:
# nmap -sV -p 443 --script=ssl-heartbleed.nse 192.168.1.5
or
# nmap -sV -p 443 --script=ssl-heartbleed 192.168.1.5
Explanation: 192.168.1.5 is the IP to be scanned; it can also be replaced by a domain name.

Assuming that your server (VPS) has the Heartbleed vulnerability, the following output will appear:

Nmap scan report for mediacentre (192.168.1.5)
Host is up (0.0059s latency).
Not shown: 992 closed ports
PORT STATE SERVICE VERSION
443/tcp open ssl OpenSSL (SSLv3)
| ssl-heartbleed:
| VULNERABLE:
| The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.
| State: VULNERABLE
| Risk factor: High
| Description:
| OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.
|
| References:
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
| http://www.openssl.org/news/secadv_20140407.txt
|_ http://cvedetails.com/cve/2014-0160/
Service Info: Host: firefly003; OS: Linux; CPE: cpe:/o:linux:linux_kernel

Note:

| State: VULNERABLE /* threatened */
| Risk factor: High /* high risk */

These two lines represent the results of the scan.

After the upgrade, scan again and the warning above no longer appears. Instead, the output becomes:

   

Nmap scan report for mediacentre (192.168.1.5)
Host is up (0.0011s latency).
PORT STATE SERVICE VERSION
443/tcp open ssl OpenSSL (SSLv3)

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.24 seconds
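
A way to triage these results across many hosts, as an added example that is not part of the original article: the Python below parses nmap's normal text output and reports which ports carry the `State: VULNERABLE` verdict from ssl-heartbleed. The sample text is constructed from the two outputs above, and 192.168.1.6 is a made-up second host.

```python
import re

# Constructed sample in nmap's normal output format, modelled on the two
# outputs shown above (192.168.1.6 is a made-up second host).
SAMPLE = """\
Nmap scan report for mediacentre (192.168.1.5)
Host is up (0.0059s latency).
PORT    STATE SERVICE VERSION
443/tcp open  ssl     OpenSSL (SSLv3)
| ssl-heartbleed:
|   VULNERABLE:
|     State: VULNERABLE
|     Risk factor: High
|_    http://cvedetails.com/cve/2014-0160/
Nmap scan report for 192.168.1.6
Host is up (0.0011s latency).
PORT    STATE SERVICE VERSION
443/tcp open  ssl     OpenSSL (SSLv3)
"""

HOST = re.compile(r"^Nmap scan report for (.+)$")
PORT = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)")
SCRIPT = re.compile(r"^\|[ _]?([a-z][a-z0-9-]*):(\s|$)")  # "| ssl-heartbleed:"
FIELD = re.compile(r"^\|_?\s*(State|Risk factor):\s*(.+?)\s*$")


def heartbleed_findings(text):
    """Return one dict per scanned port with the ssl-heartbleed verdict.
    state is None when the script printed no verdict for that port."""
    results, host, cur, in_script = [], None, None, False
    for line in text.splitlines():
        if m := HOST.match(line):
            host, cur, in_script = m.group(1), None, False
        elif m := PORT.match(line):
            cur = {"host": host, "port": int(m.group(1)),
                   "port_state": m.group(3), "state": None, "risk": None}
            results.append(cur)
            in_script = False
        elif line.startswith("|") and cur is not None:
            if m := SCRIPT.match(line):      # start of some script's output
                in_script = m.group(1) == "ssl-heartbleed"
            elif in_script and (m := FIELD.match(line)):
                cur["state" if m.group(1) == "State" else "risk"] = m.group(2)
    return results


def vulnerable_hosts(text):
    """List (host, port) pairs that ssl-heartbleed marked VULNERABLE."""
    return [(r["host"], r["port"]) for r in heartbleed_findings(text)
            if r["state"] == "VULNERABLE"]
```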
