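SSL FREAK Vulnerability Detection

Quickly check whether a given domain is affected by the SSL FREAK vulnerability and assess its TLS/SSL security configuration.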

Tool Introduction

The SSL FREAK vulnerability detection tool is an online domain security detection service that identifies whether a target website is affected by the “Factoring Attack on RSA-EXPORT Keys (FREAK)” vulnerability. The FREAK vulnerability (CVE-2015-0204) is a serious flaw in the SSL/TLS protocol that allows an attacker in a Man-in-the-Middle (MITM) position to downgrade a connection and force the use of weak export-grade RSA keys, so that sensitive data can be intercepted and decrypted.

This tool scans the SSL/TLS configuration of specified domains to quickly determine if this vulnerability exists, providing users with clear security assessment results and helping website administrators promptly discover and fix potential security risks.

How to Use

  1. In the “Domain” input box on the tool page, enter the website domain you want to detect, for example, baidu.com.
  2. Click “Start Detection” or the similarly named button (the exact label depends on the front-end interface).
  3. The tool will scan the domain you entered for SSL FREAK vulnerabilities and display detailed detection results within a few seconds.

Input Parameters:

  • Domain (domain): Required, the complete domain you need to detect, such as example.com. Please ensure the correct domain format is entered.

Output Result Format:

Detection results will be presented in a list format, with each row representing a detected service or vulnerability detail, including the following fields:

  • Domain/IP (ip): Displays the detected domain or its resolved IP address.
  • Port (port): The corresponding service port, usually 443 (HTTPS).
  • Security (severity): Indicates the security status of the service. “OK” means the service is secure; any other value may indicate the presence of a vulnerability.
  • CVE (cve): Related CVE number. If a vulnerability exists, CVE-2015-0204 will be displayed.
  • CWE (cwe): Related CWE number.
  • Description (description): Detailed explanation of the detection result, for example, “No SSL FREAK vulnerability found” or “SSL FREAK vulnerability found, with man-in-the-middle attack risk.”
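
A sketch of how one result row can be derived from a server's raw handshake reply. It is an added example, not this tool's own code. It assumes the reply bytes come from a probe that offered only RSA_EXPORT cipher suites; the function names, the "High" severity value and the sample bytes are constructed for illustration.

```python
import struct

# IANA-registered RSA export-grade suites (512-bit RSA key exchange).
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}

def selected_suite(reply: bytes):
    """Cipher suite chosen in a ServerHello, or None for any other reply
    (alert record, truncated data, non-TLS bytes)."""
    if len(reply) < 5:
        return None
    rec_type, _version, rec_len = struct.unpack("!BHH", reply[:5])
    body = reply[5:5 + rec_len]
    # Record type 0x16 = handshake; handshake type 0x02 = ServerHello.
    if rec_type != 0x16 or len(body) < 4 or body[0] != 0x02:
        return None
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:          # version(2) + random(32) + session_id_len(1)
        return None
    off = 35 + hello[34]         # skip the variable-length session id
    if len(hello) < off + 2:
        return None
    return int.from_bytes(hello[off:off + 2], "big")

def freak_row(host: str, port: int, reply: bytes) -> dict:
    """Build one result row using the field names listed above."""
    if selected_suite(reply) in RSA_EXPORT_SUITES:
        return {"ip": host, "port": port, "severity": "High",
                "cve": "CVE-2015-0204", "cwe": "N/A",  # page gives no CWE number
                "description": "SSL FREAK vulnerability found, "
                               "with man-in-the-middle attack risk."}
    return {"ip": host, "port": port, "severity": "OK", "cve": "N/A",
            "cwe": "N/A", "description": "No SSL FREAK vulnerability found"}

def sample_hello(suite: int, sid: bytes = b"") -> bytes:
    """Constructed ServerHello record (zero random), for offline testing."""
    hello = (b"\x03\x01" + bytes(32) + bytes([len(sid)]) + sid
             + suite.to_bytes(2, "big") + b"\x00")
    hs = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + len(hs).to_bytes(2, "big") + hs

SAMPLE_ALERT = b"\x15\x03\x01\x00\x02\x02\x28"  # constructed: fatal handshake_failure

if __name__ == "__main__":
    print(freak_row("example.com", 443, sample_hello(0x0003)))
    print(freak_row("example.com", 443, SAMPLE_ALERT))
```

A server that answers such a probe with an alert record, or with any non-export suite, is reported as “OK”.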

Usage Example

Example Input Data:

Domain: baidu.com

Expected Output Results (Table Format):

Domain/IP | Port | Security | CVE | CWE | Description
baidu.com | 443 | OK | N/A | N/A | No SSL FREAK vulnerability found or it has been fixed.

Specific Operation Demonstration:

  1. Enter baidu.com in the “Domain” input box.
  2. Click the detection button and wait for the tool to complete the scan.
  3. The results page will display the table above, indicating that baidu.com is not affected by the SSL FREAK vulnerability.

Frequently Asked Questions

  • Q: What is the SSL FREAK vulnerability?
  • A: The SSL FREAK vulnerability (CVE-2015-0204), in full “Factoring Attack on RSA-EXPORT Keys”, is a flaw in the SSL/TLS protocol. It allows attackers to force clients to use old, weak export-grade RSA keys, and thereby to decrypt SSL/TLS encrypted traffic in a man-in-the-middle attack.
  • Q: What input formats are supported?
  • A: This tool currently supports only a single domain as input, for example, example.com. IP addresses and URL paths are not supported.
  • Q: What is the format of the output results?
  • A: The output results are displayed in a structured list (table) format, including domain/IP, port, security, relevant CVE/CWE numbers, and a detailed description.
  • Q: How do I determine if my website has the FREAK vulnerability?
  • A: Please pay attention to the “Security” field in the output results. If “OK” is displayed, it means no FREAK vulnerability was detected on your website; if something else is displayed (e.g., “Dangerous” or “High”), a vulnerability may exist, and the corresponding CVE number and description will be provided.

Notes

  • Please ensure that the entered domain is a legitimate and accessible domain you wish to detect, to avoid detection failure due to incorrect input.
  • This tool primarily detects SSL FREAK vulnerabilities, and its results serve only as a preliminary security assessment reference. For comprehensive website security detection and penetration testing, it is recommended to use more professional security tools or consult security experts.
  • A “Security” status of “OK” in the detection results indicates that no SSL FREAK vulnerability was detected at present; it does not mean the website is free of other vulnerabilities.
  • If the detection results show a vulnerability, promptly update your server software and SSL/TLS libraries, and disable weak cipher suites to fix the vulnerability.
