POC详情: f9573570c9925760cce0a78e46f000ffade214b2

来源
https://github.com/felmoltor/FreakVulnChecker
关联漏洞
标题: OpenSSL 加密问题漏洞 (CVE-2015-0204)
描述:OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层(SSL v2/v3)和安全传输层(TLS v1)协议的通用加密库,它支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL的s3_clnt.c文件中的‘ssl3_get_key_exchange’函数存在安全漏洞。远程攻击者可通过提供临时的RSA密钥利用该漏洞实施RSA-to-EXPORT_RSA降级攻击,加快暴力破解进度。以下版本受到影响:OpenSSL 0.9.8zd之前版本,1.0.0p之前1.0.0版本,1.
描述
This script check if your list of server is accepting Export cipher suites and could be vulnerable to CVE-2015-0204
介绍
# FreakVulnChecker
This script check if your list of server is accepting Export cipher suites and could be vulnerable to CVE-2015-0204

Usage
-----
```
Usage: ./freak.vuln.check.sh <ip[:port] | file_with ip[:port] list >
```
The program accept single ip:port or domain syntax or a list of ips or domains.
It will output if the Exports cipher (available in the openssl binary of your local machine) that are accepted by the remote server.
Also, the script will save a CSV file with this information.

Output Example
--------------
```
root@fmt-kali:~/FreakVulnChecker# ./freak.vuln.check.sh myservers.txt 
bing.com (204.79.197.200:443): EXP-EDH-RSA-DES-CBC-SHA SUPPORTED
bing.com (204.79.197.200:443): EXP-EDH-DSS-DES-CBC-SHA SUPPORTED
bing.com (204.79.197.200:443): EXP-DES-CBC-SHA SUPPORTED
bing.com (204.79.197.200:443): EXP-RC2-CBC-MD5 SUPPORTED
bing.com (204.79.197.200:443): EXP-RC4-MD5 SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-DES-CBC-SHA SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-RC2-CBC-MD5 SUPPORTED
23.223.104.49 (23.223.104.49:443): EXP-RC4-MD5 SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-DES-CBC-SHA NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-RC2-CBC-MD5 NOT SUPPORTED
216.58.211.206 (216.58.211.206:443): EXP-RC4-MD5 NOT SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-EDH-RSA-DES-CBC-SHA SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-EDH-DSS-DES-CBC-SHA SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-DES-CBC-SHA SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-RC2-CBC-MD5 SUPPORTED
204.79.197.200 (204.79.197.200:443): EXP-RC4-MD5 SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-DES-CBC-SHA SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-RC2-CBC-MD5 SUPPORTED
123.125.116.19 (123.125.116.19:443): EXP-RC4-MD5 SUPPORTED
zomato.com (54.151.251.33:443): EXP-EDH-RSA-DES-CBC-SHA NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-DES-CBC-SHA NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-RC2-CBC-MD5 NOT SUPPORTED
zomato.com (54.151.251.33:443): EXP-RC4-MD5 NOT SUPPORTED
adxcore.com (188.165.36.101:443): EXP-EDH-RSA-DES-CBC-SHA SUPPORTED
adxcore.com (188.165.36.101:443): EXP-EDH-DSS-DES-CBC-SHA NOT SUPPORTED
adxcore.com (188.165.36.101:443): EXP-DES-CBC-SHA SUPPORTED
adxcore.com (188.165.36.101:443): EXP-RC2-CBC-MD5 SUPPORTED
adxcore.com (188.165.36.101:443): EXP-RC4-MD5 SUPPORTED
```
文件快照

 [4.0K]  /data/pocs/f9573570c9925760cce0a78e46f000ffade214b2
├── [3.7K]  freak.vuln.check.sh
├── [  91]  myservers.txt
└── [2.8K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。