Reproducing POODLE vulnerability using POODLE-POC

[skypean]

Is reproducing this vulnerability still possible. I scan a website and see that it is vulnerable to POODLE vulnerability, then I used this script as python3 poodle-exploit.py [client_IP] 443 [client_IP] 443. I refresh the website on Google Chrome few times but the search command still found no data.

I also tried to downgrade the communication protocol to SSLv3, but there is no luck!

Why is that behavior appears?

By the way, I wish I can reproduce this vulnerability (by building environment myself) but I'm not well experience in system administration. Is there any document that help me build a website to demo as I see in README.md? I would be so glad to receive help also!

[DimitrisAntonoulis]

Hello @thangpd3160, did you find a way to reproduce the attack? It would be very helpful if you can share some tips or links since i am trying to do the same for a few days now without success.

Is reproducing this vulnerability still possible. I scan a website and see that it is vulnerable to POODLE vulnerability, then I used this script as python3 poodle-exploit.py [client_IP] 443 [client_IP] 443. I refresh the website on Google Chrome few times but the search command still found no data.

I also tried to downgrade the communication protocol to SSLv3, but there is no luck!

Why is that behavior appears?

By the way, I wish I can reproduce this vulnerability (by building environment myself) but I'm not well experience in system administration. Is there any document that help me build a website to demo as I see in README.md? I would be so glad to receive help also!