2014-04-16 15:04 GMT+02:00 Alexandr Ciornii <alexcho...@gmail.com>: > A specially created server ( > http://blog.meldium.com/home/2014/4/10/testing-for-reverse-heartbleed > , in Russian: http://www.xakep.ru/post/62350/default.asp ) can send > similar request to client. But such attack has low probability. >
It is not recommended to use such online services. Some really try to capture as much as they can from your system. Instead, use an open source offline solution that you run yourself for your machine : pacemaker. https://github.com/Lekensteyn/pacemaker I verified that openssl bundled with StrawberryPerl 5.18.2.1 is vulnerable. You can reproduce it like this (while pacemaker.py is running): C:\strawberry\c\bin\openssl s_client -connect 127.0.0.1:4433
