Public API

Use our free API to detect PKfail

Example request:

Analyse the given firmware binary to check for potential implants.

curl -X POST https://pk.fail/ -F "file=@path_to_your_file"

Request body (multipart/form-data):

file: firmware binary to analyse (binary)

Responses:

200 OK: Analysis result

Status: The analysis result (vulnerable, not-vulnerable, etc.)

Details:

MD5, SHA-1, SHA-256, SHA-512: hashes of the input binary
Analysis time: time taken to complete the analysis
Issuer, Subject, Serial: details of the untrusted certificate found in PK

Example response:

{
"status": "vulnerable",
"details": {"hashes": {"md5": "79e735a633dfcfbaa6953c59d6719eaf",
"sha1": "4562b0ded6c092adca953ef0dedf824571ebad08",
"sha256": "ea3e4c728b066bf6827adb0497ec6e32ab66c546c4ca89fca8f3113c3d74e950",
"sha512": "08ea8e3ba5c3b3202e71fe29d4e06914de5f5f503495608509456b97e2b8236e211f2b88e3e8e5fac68e2b1576fcc52fca71cb8bb3e48ec7b20fbe699de61b13"
},
"certificate": {"issuer": "CN=DO NOT TRUST - AMI Test PK",
"subject": "CN=DO NOT TRUST - AMI Test PK",
"serial": "08:c2:d1:c3:6c:9b:51:4f:b3:7c:6a:02:08:12:cd:59",
},
}
}

Try API with Swagger