Heartbleed is a vulnerability in the OpenSSL library discovered in 2014. It allows the attacker to read portions of memory from the server; these portions may contain parts of the communication between clients and the server in clear text. As soon as the Heartbleed vulnerability was released, plenty of public exploits came to light. Offensive Security, the creators of Kali Linux, also host Exploit-DB (https://www.exploit-db.com/), a website that collects exploits made publicly available by their developers; we can find several variants of Heartbleed exploits there.
In this recipe, we will use the commands Kali includes to explore the local copy of Exploit-DB in Kali Linux, find the exploit we need, and finally we will use it to exploit Heartbleed in our target server.
