JonathonMA/get-freaky.sh

## get-freaky.sh
#!/bin/sh
# get-freaky -- FREAK toolkit

set -e

usage() {
  echo "`basename $0` scan [host:port] [host2:port2] ..."
  echo "`basename $0` cipher [host:port] [host2:port2] ..."
}

# http://www.percona.com/blog/2015/03/05/test-cve-2015-0204-freak-ssl-security-flaw-affects/
check_freak() {
  hostport="$1"
  openssl s_client -cipher EXPORT -connect "$hostport" < /dev/null 2>/dev/null | grep -q SSL-Session
}

ciphers() {
  host=`echo $1 | cut -f 1-1 -d:`
  port=`echo $1 | cut -f 2-2 -d:`
  nmap --script ssl-enum-ciphers -p $port $host
}

scan() {
  if check_freak "$hostport"; then
    echo "$hostport" VULNERABLE
  else
    echo "$hostport" OK
  fi
}

if [ -z "$1" ]; then
  usage
  exit 1
fi

cmd="$1"
shift

for hostport in "$@"; do
  "$cmd" "$hostport"
done
	#!/bin/sh
	# get-freaky -- FREAK toolkit

	set -e

	usage() {
	echo "`basename $0` scan [host:port] [host2:port2] ..."
	echo "`basename $0` cipher [host:port] [host2:port2] ..."
	}

	# http://www.percona.com/blog/2015/03/05/test-cve-2015-0204-freak-ssl-security-flaw-affects/
	check_freak() {
	hostport="$1"
	openssl s_client -cipher EXPORT -connect "$hostport" < /dev/null 2>/dev/null \| grep -q SSL-Session
	}

	ciphers() {
	host=`echo $1 \| cut -f 1-1 -d:`
	port=`echo $1 \| cut -f 2-2 -d:`
	nmap --script ssl-enum-ciphers -p $port $host
	}

	scan() {
	if check_freak "$hostport"; then
	echo "$hostport" VULNERABLE
	else
	echo "$hostport" OK
	fi
	}

	if [ -z "$1" ]; then
	usage
	exit 1
	fi

	cmd="$1"
	shift

	for hostport in "$@"; do
	"$cmd" "$hostport"
	done