Check your site for Logjam

Logjam Attack

The Logjam attack allows an attacker to downgrade a secure connection to a VPN or secure website so that the attacker can read or modify your communication. The issue lies in the way Diffie-Hellman key exchange has been deployed. It has been extensively described at

Scan your servers for Logjam

You can test whether your server is vulnerable via the Qualys SSL Server Test or via a form on the website.

The output from is a JSON object that is far easier to parse than the results from Qualys. I asked the people from if I could use their test to verify a list of hosts (approx. 500) with a 5-second interval to check whether a host is vulnerable to Logjam. They agreed to it. You can get my small Python script from GitHub. If you plan on using this script to scan your environment, I suggest you ask them for permission first and use a sane waiting time between the different queries.

You can get the script from GitHub. It uses three parameters:

  • weakdh_hosts : a text file with the hosts to check
  • pause_interval : the interval to wait between queries
  • base_url : the URL from

Note that the script only flags sites that are really vulnerable. Sites that use 1024-bit Diffie-Hellman might also be vulnerable to “nation-state” attackers; the script does not raise a warning for these sites.
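To cover the 1024-bit case on servers you run yourself, the following added example (not the GitHub script mentioned above) classifies the "Server Temp Key" line that `openssl s_client` prints. The function names `classify_temp_key` and `check_host`, the verdict labels, and the sample output are assumptions made for this illustration; it expects the `openssl` CLI on the PATH.

```python
import re
import subprocess

# s_client prints the server's ephemeral key as e.g. "Server Temp Key: DH, 1024 bits"
TEMP_KEY_RE = re.compile(
    r"^Server Temp Key:\s*(?P<kind>[^,]+),.*?(?P<bits>\d+) bits\s*$", re.M)

def classify_temp_key(s_client_output):
    """Return (verdict, bits) for the ephemeral key reported by s_client."""
    m = TEMP_KEY_RE.search(s_client_output)
    if m is None:
        # Current OpenSSL clients abort on very small groups instead of reporting them.
        if "dh key too small" in s_client_output:
            return ("rejected-too-small", None)
        return ("no-dhe", None)          # handshake failed or no DHE suite accepted
    kind, bits = m.group("kind").strip(), int(m.group("bits"))
    if kind != "DH":
        return ("not-dh", bits)          # ECDHE/X25519: not finite-field DH
    if bits <= 512:
        return ("vulnerable", bits)      # export-grade group
    if bits <= 1024:
        return ("weak", bits)            # the case the page says goes unreported
    return ("ok", bits)

def check_host(host, port=443, timeout=15):
    """Offer only finite-field DHE suites over TLS 1.2 and classify the reply."""
    cmd = ["openssl", "s_client", "-connect", f"{host}:{port}",
           "-servername", host, "-tls1_2", "-cipher", "EDH"]
    proc = subprocess.run(cmd, input=b"", capture_output=True, timeout=timeout)
    return classify_temp_key((proc.stdout + proc.stderr).decode(errors="replace"))

# Constructed s_client excerpts (not captured from real servers).
SAMPLES = {
    "export": "---\nServer Temp Key: DH, 512 bits\n---\n",
    "dh1024": "---\nServer Temp Key: DH, 1024 bits\n---\n",
    "dh2048": "---\nServer Temp Key: DH, 2048 bits\n---\n",
    "ecdhe": "---\nServer Temp Key: ECDH, P-256, 256 bits\n---\n",
    "too_small": "error: SSL routines: dh key too small\n",
    "refused": "connect:errno=111\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, classify_temp_key(text))
```

A `rejected-too-small` verdict means the local OpenSSL refused the server's group before reporting its size, so treat that host as needing new DH parameters.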
