In the previous article we saw in depth how the Heartbleed vulnerability works. Specifically, we looked at the variant of the bug in which a client attacks a server (see that article to learn more). Now we will look at the reverse exploitation, where a malicious server attacks a vulnerable client.
Reverse Heartbleed is dangerous too, because many clients cannot be upgraded and will never receive a fix for the vulnerable OpenSSL version installed on them.
Reverse Heartbleed works basically the same way as the normal one, and the effects are the same. The attacker sends a heartbeat packet crafted to exploit the vulnerability, and the client answers with a packet filled with 64 KB of the client’s memory.
The attack is performed by a malicious server. The attacker lures the user into connecting through spam or phishing techniques, and the server then starts an SSL/TLS session to exploit the vulnerable OpenSSL library on the client. The memory stolen from the client by the malicious server may contain authentication credentials such as passwords, as well as credit card numbers or other personal data.
Many computers and mobile devices are vulnerable to reverse Heartbleed. Android 4.1.1 ships the vulnerable version of OpenSSL and is deployed on thousands of devices. Many of them will not receive updates from their manufacturers, so these Android devices will remain vulnerable for their entire lifetime, and every Internet operation may leak personal information from them.
So update your device as soon as you can, or contact the manufacturer to find out whether the OS installed on it is vulnerable.
The following video explains very well how reverse Heartbleed works; check it out.