Per dimostrare il problema Heartbleed, ho eseguito un exploit pubblicamente disponibile su un vecchio server Web NAS vulnerabile che è stato sostituito.
Di seguito è riportato un estratto dall'output successivo: (Alcuni dei quali, sembra essere binario o crittografato.)
...................................................................../index.php......RC4-SHA.RC4-SHA.Xq?...............?.......?.....index...php.ex.h....................SHA.application
/x-httpd-php.mod_ssl/2.2.14..mod_ssl/2.2.14..OpenSSL/1.0.1e..OpenSSL/1.0.1e..TLSv1.2.NULL....RC4-SHA.RC4-SHA.false...false.............128...128...............128...128.....NONE....3.......3........
ABF42CCAC60E1D07........ABF42CCAC60E1D07........ABF42CCAC60E1D07........Jul 12 04:20:13 2011 /L=Taipei/O=QNAP Systems Inc./OU=NAS/CN=TS Series NAS/[email protected]....
/C=TW/ST=Taiwan/L=Taipei/O=QNAP Systems Inc./OU=NAS/CN=TS Series [email protected][email protected]......
/C=TW/ST=Taiwan/L=Taipei/O=QNAP Systems Inc./OU=NAS/CN=TS Series NAS/[email protected]..../C=TW/ST=Taiwan/L=Taipei/O=QNAP Systems Inc./OU=NAS/CN=TS Series
NAS/emailAddress=q_support@qnap.com....TW......TW......Taiwan..Taiwan..Taipei..Taipei..\T.BdT.BPTTH,N.B..?._LSSDN.B8.?._LSSXN.BH.?._LSShN.BP.?._LSS|N.B'.?._LSS.N.Bp.?._LSS.N.B..?._LSS.N.B..?._
LSS.N.B..?._LSS.Q.B..?._LSS.Q.B..?._LSS.Q.BH.?._LSS.Q.B..?._LSS.Q.B0.?._LSS.R.B..?._LSS.R.B..?._LSS,[email protected]..?._LSSTR.B..?._LSShR.B..?._LSS.R.B@.?._LSS.S.B..?._LSS.S.B0.?._LSS0S.B@.?._
LSSDS.BP.?._LSSXS.B..?._LSSlS.B..?._LSS.S.B..?._LSS.T.B(.?._LSS$T.BP.?._LSS8T.Bx.?._LSSLT.B..?._LSS.............................................................................................
.............................................................................................................QNAP Systems Inc........QNAP Systems Inc........NAS.....NAS.....TS Series NAS...TS Series
[email protected]_support@qnap.com......rsaEncryption...rsaEncryption...sha1WithRSAEncryption...sha1WithRSAEncryption...F12392A6F7C71C1A30642791B394C4BBAF8103A6772BD28E387CBD4979FC7AEE
........F12392A6F7C71C1A30642791B394C4BBAF8103A6772BD28E387CBD4979FC7AEE..............................................................................................................................
Che cosa sono esattamente questi dati?
In particolare; queste stringhe di caratteri esadecimali assomigliano a una sorta di chiavi / hash:
F12392A6F7C71C1A30642791B394C4BBAF8103A6772BD28E387CBD4979FC7AEE
ABF42CCAC60E1D07
Questa informazione è di qualche particolare uso o interesse per i potenziali attaccanti / eaves-droppers ??