Yesterday i decided to test the “HeartBleed” attack against my personal web page hosted on shared host. I grab the POC script from https://github.com/musalbas/heartbleed-masstest/blob/master/ssltest.py and started to play. After a 10-15 tries i got the BINGO the COOKIE of a web site hosted on same web server. The web site is famous online news portal and the COOKIE is from the administrator. So i was lucky because you can try for a lot of time and you will not receive a confidential data.
Screen Shot of the retrieved data containing the confidential information.
Here is the whole COOKIE retrieved them the web server affected with HeartBleed flaw.
So with a luck and simple script you can retrieve a sensitive data needed to perform illegal hacks.
Source : http://heartbleed.com