Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Major Companies Vulnerable to Heartbleed

By: surivaton on Apr 19th, 2014  |  syntax: None  |  size: 0.72 KB  |  views: 6,560  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. Title: Juniper SSL VPN Openssl HeartBleed Vulnerability Dork
  2. Author of Exploit: @surivaton
  3. Contact information(I only use twitter): @surivaton
  4. Vulnerable Software: www.juniper.net
  5. Google Dork: inurl:"/dana-na/auth/
  6. Vulnerable Sites:
  7. http://extranet.uphs.upenn.edu
  8. http://vpn.stlouiscountymn.gov
  9. http://vpn1.broadcastaustralia.com.au
  10. http://remote.compumenn.com.au
  11. http://rna.n.nsa.nexus.telstra.com.au
  12.  
  13.  
  14. Usage:
  15. Search google with: inurl:"/dana-na/auth/
  16. Check each site with heartbleed openssl exploit.
  17. Dump the vulnerable sites for a few hours.
  18. Search through the files for USER and PASS.
  19. The username and password should be stored in plain text.
  20. Go to there login page: site.com/dana-na/auth/
  21. Login with details.