CVE-2015-0204 PoC — OpenSSL Cryptographic Issue Vulnerability

Associated Vulnerability
Title: OpenSSL Cryptographic Issue Vulnerability (CVE-2015-0204)
Description: The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.
Description
This script checks whether the servers in your list accept Export cipher suites and could be vulnerable to CVE-2015-0204.
Readme
# FreakVulnChecker
This script checks whether the servers in your list accept Export cipher suites and could be vulnerable to CVE-2015-0204.

Usage
-----
```
Usage: ./freak.vuln.check.sh <ip[:port] | file_with ip[:port] list >
```
The program accepts a single ip:port or domain, or a file containing a list of IPs or domains.
It reports which Export ciphers (of those available in the openssl binary on your local machine) are accepted by the remote server.
The script also saves a CSV file with this information.

Output Example
--------------
```
root@fmt-kali:~/FreakVulnChecker# ./freak.vuln.check.sh myservers.txt 
bing.com (204.79.197.200:443): EXP-EDH-RSA-DES-CBC-SHA SUPPORTED
bing.com (204.79.197.200:443): EXP-EDH-DSS-DES-CBC-SHA SUPPORTED
bing.com (204.79.197.200:443): EXP-DES-CBC-SHA SUPPORTED
bing.com (204.79.197.200:443): EXP-RC2-CBC-MD5 SUPPORTED
bing.com (204.79.197.200:443): EXP-RC4-MD5 SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-DES-CBC-SHA SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-RC2-CBC-MD5 SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-RC4-MD5 SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-DES-CBC-SHA NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-RC2-CBC-MD5 NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-RC4-MD5 NOT SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-EDH-RSA-DES-CBC-SHA SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-EDH-DSS-DES-CBC-SHA SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-DES-CBC-SHA SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-RC2-CBC-MD5 SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-RC4-MD5 SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-DES-CBC-SHA SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-RC2-CBC-MD5 SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-RC4-MD5 SUPPORTED
zomato.com (54.151.251.33:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-DES-CBC-SHA NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-RC2-CBC-MD5 NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-RC4-MD5 NOT SUPPORTED
adxcore.com (188.165.36.101:443): EXP-EDH-RSA-DES-CBC-SHA SUPPORTED
adxcore.com (188.165.36.101:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
adxcore.com (188.165.36.101:443): EXP-DES-CBC-SHA SUPPORTED
adxcore.com (188.165.36.101:443): EXP-RC2-CBC-MD5 SUPPORTED
adxcore.com (188.165.36.101:443): EXP-RC4-MD5 SUPPORTED
```

File Snapshot

```
[4.0K] /data/pocs/f9573570c9925760cce0a78e46f000ffade214b2
├── [3.7K] freak.vuln.check.sh
├── [ 91] myservers.txt
└── [2.8K] README.md

0 directories, 3 files
```