This challenge is based on the Heartbleed bug in OpenSSL discovered in April 2014. Attack a server which is specifically prepared to be vulnerable to the Heartbleed bug. Please note that it is necessary to solve Part 1 first. !!! We had to take off this challenge, as our firewall doesn't allow flawed servers any more -- even if this flaw was offered by will for training and within a sandbox. !!!