I’ve worked on the exploitation of the CVE-2020-0601 in 2020, along with one of my colleague, Sylvain Pelisser.

You can read all about it in my blog post on Kudelski Security’s research blog. I’ve also setup a test page in case you want to see if you are vulnerable: http://testcve.kudelskisecurity.com/

We have setup a public Github repository with the Python code and the OpenSSL command lines and configuration file: https://github.com/kudelskisecurity/chainoffools