Reputation: 1682
I've been messing around with the Heartbleed bug (mainly the Cloudflare challenge), and creating an invalid heartbeat has been easy; I've been sending the following:
### HEARTBEAT ###
0x18, # Content Type (Heartbeat)
0x03, 0x01, # TLS version
0x00, 0x03, # Length
# Payload
0x01, # Type (Request)
0xff, 0xff # Payload length
# NO PAYLOAD
### END HEARTBEAT ###
However, when I try to send this valid heartbeat, the server doesn't respond.
### HEARTBEAT ###
0x18, # Content Type (Heartbeat)
0x03, 0x01, # TLS version
0x00, 0x03, # Length
# Payload
0x01, # Type (Request)
0x00, 0x03, # Payload length
0x68, 0x61, 0x74, # Payload: hat
### END HEARTBEAT ###
I've tried jiggling the payload length around, and neither +1 nor -1 works. Even lengths significantly higher than the actual length don't work. Any ideas as to what I'm doing wrong?
Here's my full code for anyone interested (it's based on this).
EDIT: In response to @warren-dew, this also doesn't work:
### HEARTBEAT ###
0x18, # Content Type (Heartbeat)
0x03, 0x01, # TLS version
0x00, 0x03, # Length
# Payload
0x01, # Type (Request)
0x00, 0x03, # Payload length
0x68, 0x61, 0x74, # Payload: hat
0x34, 0x90, 0xf0, 0xf3, # PADDING
0xe3, 0xb4, 0x5c, 0x9c, # PADDING
0x80, 0xff, 0x95, 0x74, # PADDING
0x9d, 0x81, 0xfa, 0xa0 # PADDING
### END HEARTBEAT ###
EDIT: In response to @warren-dew, adjusted again, but it still does not work:
### HEARTBEAT ###
0x18, # Content Type (Heartbeat)
0x03, 0x01, # TLS version
0x00, 0x16, # Length <- Changed
# Payload
0x01, # Type (Request)
0x00, 0x03, # Payload length
0x68, 0x61, 0x74, # Payload: hat
0x34, 0x90, 0xf0, 0xf3, # PADDING
0xe3, 0xb4, 0x5c, 0x9c, # PADDING
0x80, 0xff, 0x95, 0x74, # PADDING
0x9d, 0x81, 0xfa, 0xa0 # PADDING
### END HEARTBEAT ###
Upvotes: 1
Views: 2910
Reputation: 3913
It seems to me that a valid heartbeat request is only allowed after a TLS session has been established. I have tested (and you can test either with s_client or your own tool, perhaps using BouncyCastle) sending a valid heartbeat request after establishing a TLS session. I established a valid TLS session and sent in an encrypted heartbeat, and was able to elicit a heartbeat response using Java and BouncyCastle. I have not cleaned up the code; once I do, I will post it. So empirically, it seems that even in OpenSSL versions that are broken, a valid heartbeat request right after ServerHelloDone is disallowed. That would be the reason that, in the examples above, a heartbeat response is not forthcoming.
Upvotes: 0
Reputation: 8928
A legal heartbeat message has, in addition to the payload, three bytes of metadata - message type and payload length - and a minimum of 16 bytes of padding. As a result, the message length has to exceed the payload length by at least 19 bytes, rather than merely being equal to it. See RFC 6520 for more detail.
Upvotes: 2
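The RFC 6520 layout the answer above describes, as an added example that is not code from the question or either answer: a builder for heartbeat records (type, 2-byte payload length, payload, at least 16 bytes of padding, all inside a record whose length must therefore be at least payload length + 19) and a parser that applies that length check before copying the payload, which is exactly the bounds check whose absence was Heartbleed (CVE-2014-0160). The check is modeled on the RFC text, not on any particular OpenSSL source; the sample records at the bottom are constructed here to mirror the byte sequences in the question.

```python
"""Build and validate TLS heartbeat records per RFC 6520 (added example)."""
import os
import struct

CONTENT_TYPE_HEARTBEAT = 0x18
HB_REQUEST = 0x01
HB_RESPONSE = 0x02
MIN_PADDING = 16          # RFC 6520 section 4: padding MUST be at least 16 bytes
TLS_1_0 = (3, 1)          # record-layer version bytes used in the question


def build_heartbeat(payload, kind=HB_REQUEST, version=TLS_1_0,
                    padding_len=MIN_PADDING, claimed_len=None):
    """Return a complete heartbeat TLS record: 5-byte header plus body.

    claimed_len lets the caller write a payload_length that lies about the
    real payload size, the way the Heartbleed probe does, so that the parser
    below can be exercised on both honest and lying records.
    """
    if claimed_len is None:
        claimed_len = len(payload)
    if padding_len < MIN_PADDING:
        raise ValueError("padding must be at least 16 bytes")
    body = struct.pack("!BH", kind, claimed_len) + payload + os.urandom(padding_len)
    header = struct.pack("!BBBH", CONTENT_TYPE_HEARTBEAT,
                         version[0], version[1], len(body))
    return header + body


def parse_heartbeat(record):
    """Parse a heartbeat record; return (kind, payload) or raise ValueError.

    Enforces the RFC rule that the record body must hold the type byte, the
    two-byte length, payload_length bytes of payload and >= 16 bytes of padding.
    """
    if len(record) < 5:
        raise ValueError("truncated TLS record header")
    content_type, _major, _minor, rec_len = struct.unpack("!BBBH", record[:5])
    if content_type != CONTENT_TYPE_HEARTBEAT:
        raise ValueError("not a heartbeat record")
    body = record[5:5 + rec_len]
    if len(body) != rec_len:
        raise ValueError("record length does not match bytes on the wire")
    if len(body) < 3:
        raise ValueError("heartbeat body too short for type and length fields")
    kind, payload_len = struct.unpack("!BH", body[:3])
    if kind not in (HB_REQUEST, HB_RESPONSE):
        raise ValueError("unknown heartbeat type %d" % kind)
    # The Heartbleed check: without it, a responder copies payload_len bytes
    # starting at the (short) body and leaks whatever follows it in memory.
    if 1 + 2 + payload_len + MIN_PADDING > rec_len:
        raise ValueError("payload_length %d needs a record of at least %d bytes, got %d"
                         % (payload_len, payload_len + 19, rec_len))
    return kind, body[3:3 + payload_len]


def heartbeat_response(request):
    """Echo a request's payload back as a response, as a compliant peer does."""
    kind, payload = parse_heartbeat(request)
    if kind != HB_REQUEST:
        raise ValueError("only requests are answered")
    return build_heartbeat(payload, kind=HB_RESPONSE)


# Constructed sample records mirroring the question (not captured traffic).
# 1. The probe: 3-byte body, payload_length 0xffff, no payload, no padding.
MALFORMED = bytes([0x18, 0x03, 0x01, 0x00, 0x03, 0x01, 0xff, 0xff])
# 2. The "valid" attempt: payload "hat" with correct length but no padding.
UNPADDED = bytes([0x18, 0x03, 0x01, 0x00, 0x06, 0x01, 0x00, 0x03, 0x68, 0x61, 0x74])
# 3. A well-formed request: "hat" plus 16 bytes of padding, record length 0x16.
VALID = build_heartbeat(b"hat")


def classify(record):
    """Return 'ok' or the parser's complaint, for a quick look at each sample."""
    try:
        kind, payload = parse_heartbeat(record)
        return "ok: type=%d payload=%r" % (kind, payload)
    except ValueError as exc:
        return "rejected: %s" % exc


if __name__ == "__main__":
    for name, rec in (("MALFORMED", MALFORMED), ("UNPADDED", UNPADDED), ("VALID", VALID)):
        print("%-9s %s -> %s" % (name, rec.hex(), classify(rec)))
    print("response ->", classify(heartbeat_response(VALID)))
```

Note that `VALID` comes out with the same 0x00 0x16 record length as the last edit in the question (3 + 3 + 16 = 22 bytes), and that a record built with `claimed_len=0x4000` is rejected by `parse_heartbeat` for the same reason the question's `0xff, 0xff` probe is: the claimed payload plus 19 bytes of framing does not fit in the record.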