degan/gist:70e8059507d173751294

Last active August 29, 2015 14:16

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/degan/70e8059507d173751294.js"></script>
Save degan/70e8059507d173751294 to your computer and use it in GitHub Desktop.

Download ZIP

FREAK Attack server test

Raw

gistfile1.sh

see discussion below

MalcolmPreen commented Mar 5, 2015

On my system (CentOS 6.6), nmap outputs on STDERR not STDOUT... so you need an extra 2>&1 to avoid false "safe" messages... ie

nmap --script ssl-enum-ciphers -p 443 sohu.com 2>&1 | grep EXPORT -l | wc -l

Edit...
Hmm... not quite true... for sohu.com (as above..) I need it... but for example, for mumsnet.com I didn't ?? Don't have time to experiment... but to be sure... I'd check the output....

ebatista commented Mar 5, 2015

You can use this online tool to check if you webserver is vulnerable:

http://www.freakattacktest.tk

Author

degan commented Mar 5, 2015

Great feedback and discussion, it looks like nmap is indeed a better method:

nmap --script ssl-enum-ciphers -p 443 sohu.com|grep EXPORT

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment