Detect Exploit openSSL Heartbleed vulnerability using Nmap and Metasploit on Kali Linux
May 05, 2014, 08:00 (1 Talkback[s])
Once you have the private key, you can decrypt every messages (username, password, anything! that was encrypted with the SSL certificate). Though 2.5 million requests seems absurd, for a busy server it’s nothing and like I said before, it’s undetectable. You can keep doing it from behind a proxy server or a TOR network without revealing your true identity.