Project Description

Bleed Out is a command line tool written in C# for targeting instances of OpenSSL made vulnerable by the prolific "Heartbleed" bug. The tool aggressively exploits the OpenSSL vulnerability, dumping both ASCII and binary data to files. It also checks the uniqueness of each chunk before persisting it, to ensure that duplicate chunks are not saved.

Command-line Arguments

-h {host}
Required. The host to exploit.

-p {port}
The port to connect to. Default: 443.

-t {threads}
The number of threads to use. Default: 1.

-a {file}
The file to dump ASCII strings to. Default: {host}_{port}.txt.

-b {file}
The file to dump binary data to. Default: {host}_{port}.bin.

-r {retry count}
The number of times to retry the exploitability test.

-s {sleep time}
The amount of time in milliseconds to sleep between exploitability test attempts.

Last edited Apr 10, 2014 at 6:13 PM by JohnLeitch, version 2