bWAPP Heartbleed Vulnerability

Heartbleed Vulnerability - Low Security Level Solution: Step 1. On the lesson page, click on attack script - a pop up will be displayed, save the file. Step 2. Go to the lesson page and check the Hint. Open a new tab in your browser and login as per the given hint https://Yourbeeboxip:8443/bWAPP/login.php https://10.0.2.4:8443/bWAPP/login.php Click on Advance - Accept the Risk and Continue - bWAPP page will be displayed Use credentials bee and bug to login Step 3. Open Command Prompt and give below command Command: nmap --script ssl-heartbleed -sV -p 8443 10.0.2.4 Note : Change the IP to your beebox IP address Wait patiently till the output is displayed Check the output Step 4. In your command prompt go to the location where you have Downloaded your file as per step 1 instructions. Use below command: python heartbleed.py -p 8443 yourbeeboxip python heartbleed.py -p 8443 10.0.2.4 Check the output Step 5. In new command prompt start msfconsole Command - msfconsole (I have already executed this command) Use below commands as shown in the video search heartbleed use 1 show options set RHOST 10.0.2.4 (Please change IP to your Beebox ip) set RPORT 8443 show options (To check if correct RHOST and RPORT are set) run Check the output Note: If you want to see more information about the vulnerability then (Please Follow steps as shown in the video) use commands set verbose true run PseudoTime