Logjam Attack

The Logjam attack allows an attacker to downgrade a secure connection to a VPN or secure website so that the attacker can read or modify your communication. The issue lies in the way Diffie-Hellman key exchange has been deployed. It has been extensively described at

Scan your servers for Logjam

You can test whether your server is vulnerable via the Qualys SSL Server Test or via a form on the website.

The output from is a JSON object that is far easier to parse than the results from Qualys. I asked the people from if I could use their test to verify a list of hosts (approx. 500) with a 5 second interval to check whether a host is vulnerable to Logjam. They agreed. You can get my small Python script from Github. If you plan on using this script to scan your environment, I suggest you ask them for permission first and use a sane waiting time between the queries.

You can get the script from Github. It takes three parameters:

  • weakdh_hosts : a text file with the hosts to check
  • pause_interval : the interval to wait between queries
  • base_url : the URL from

Note that the script only flags sites that are really vulnerable. Sites that use 1024-bit Diffie-Hellman might also be vulnerable to “nation-state” attackers; this script does not raise a warning for those.
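As an added illustration (not the post's own script from Github), here is a Python sketch of the same scan loop: it reads hosts, pauses between queries, parses a JSON reply, and additionally reports the 1024-bit tier that the post's script stays silent on. The JSON field names, the sample host names and the bit-size thresholds are this example's assumptions, not the remote test's real schema.

```python
import json
import time
from typing import Callable, Dict, Iterable, Optional

# Thresholds in bits for the two tiers the post distinguishes: export-grade
# 512-bit groups are what Logjam breaks in practice; 1024-bit groups are
# reported here as "weak" instead of being silently passed.
EXPORT_DH_BITS = 512
WEAK_DH_BITS = 1024

def classify_dh(dh_bits: Optional[int], export_dhe: bool) -> str:
    """dh_bits: negotiated DH prime size (None = no ephemeral DH offered);
    export_dhe: server accepts an export-grade DHE suite (the Logjam downgrade)."""
    if export_dhe or (dh_bits is not None and dh_bits <= EXPORT_DH_BITS):
        return "vulnerable"
    if dh_bits is not None and dh_bits <= WEAK_DH_BITS:
        return "weak"
    return "ok"

def parse_result(raw: str) -> Dict[str, object]:
    """Parse one JSON reply; the field names are this example's assumption."""
    doc = json.loads(raw)
    return {"dh_bits": doc.get("dh_bits"),
            "export_dhe": bool(doc.get("export_dhe", False))}

def scan_hosts(hosts: Iterable[str], fetch: Callable[[str], str],
               pause_interval: float = 5.0, sleep=time.sleep) -> Dict[str, str]:
    """Query each host via fetch(host) -> JSON text, pausing between queries."""
    report: Dict[str, str] = {}
    for i, host in enumerate(hosts):
        if i:  # rate-limit: sleep between queries, not before the first one
            sleep(pause_interval)
        try:
            r = parse_result(fetch(host))
        except (KeyError, ValueError, OSError) as exc:
            report[host] = "error: %s" % exc  # record and keep scanning
            continue
        report[host] = classify_dh(r["dh_bits"], r["export_dhe"])
    return report

# Constructed sample replies standing in for the remote test service.
SAMPLE_RESULTS = {
    "export.example": '{"dh_bits": 512, "export_dhe": true}',
    "weak.example": '{"dh_bits": 1024, "export_dhe": false}',
    "strong.example": '{"dh_bits": 2048, "export_dhe": false}',
}

def constructed_fetch(host: str) -> str:
    """Stand-in for an HTTP GET against base_url; KeyError for unknown hosts."""
    return SAMPLE_RESULTS[host]
```

To run it against a real service, replace constructed_fetch with a function that fetches base_url for the given host and returns the response body, and keep pause_interval at the interval you agreed with the service operator.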

