Last active
August 29, 2015 14:16
-
-
Save degan/70e8059507d173751294 to your computer and use it in GitHub Desktop.
FREAK Attack server test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| see discussion below |
On my system (CentOS 6.6), nmap outputs on STDERR not STDOUT... so you need an extra 2>&1 to avoid false "safe" messages... ie
nmap --script ssl-enum-ciphers -p 443 sohu.com 2>&1 | grep EXPORT -l | wc -l
Edit...
Hmm... not quite true... for sohu.com (as above..) I need it... but for example, for mumsnet.com I didn't ?? Don't have time to experiment... but to be sure... I'd check the output....
You can use this online tool to check if you webserver is vulnerable:
Great feedback and discussion, it looks like nmap is indeed a better method:
nmap --script ssl-enum-ciphers -p 443 sohu.com|grep EXPORT
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WARNING: Upon further investigation, NONE of these openssl based methods are good enough. Not this gist and not my own suggestion earlier.
It looks like 'openssl s_client' does not "detect" a cipher it doesn't support it self. So if the machine you're testing FROM is fairly up-to-date, you may miss any ciphers that are already removed from your version. I haven't checked if this is a real-world-issue and i don't have time that right now, so i opt for a different detection mechanism, that will detect all combinations.
I suggest using nmap instead.
This is a lot slower, but it catches all export ciphers.
And if you need a drop-in replacement for my earlier command, which prints 1 for vulnerable and 0 for clean: