
About FreeBrowser
FreeBrowser is a free, censorship-resistant web browser developed by GreatFire.org. The tool’s circumvention capabilities are integrated directly within a browser interface, providing a seamless and easy-to-use method to access blocked websites for people in repressive information contexts.
Audit description
OTF’s Security Lab partner, 7ASecurity, conducted a penetration test and “whitebox” audit of the FreeBrowser platform between February and March 2025. A whitebox audit is a form of testing in which the auditors have complete knowledge of the item being tested. In this case, 7ASecurity had access to the staging environment (an exact replica of the hardware, software configuration, and data of the publicly available tool) as well as documentation, source code, and server access, which allowed for a deep and detailed test. The goal of the audit was to review the tool as thoroughly as possible, to ensure the best possible security for users.
Scope
The security audit included seven work packages:
- Mobile security tests against FreeBrowser Android app
- Whitebox tests against fbproxy and the Windows, Linux, and macOS clients
- Whitebox tests against the FreeBrowser backend
- Privacy audit of FreeBrowser clients and backend
- Whitebox tests against servers, infrastructure, and configuration via SSH
- FreeBrowser Lightweight Threat Model documentation
- Whitebox tests against FreeBrowser supply chain implementation
Findings
Auditors identified 11 vulnerabilities, three of which were considered critical:
1. Trusted Proxy Certificate Authority Enables Stealth Man-in-the-Middle Attacks
A certificate authority (CA) is a trusted entity that issues the digital certificates binding a website’s name to its public key; browsers rely on the CAs they trust to confirm they are talking to the genuine server. The FreeBrowser repository contains the files proxy.pem and proxy.key, which hold the proxy’s CA certificate and its private key (used to sign the certificates the proxy generates on the fly for each site). These files were never replaced with unique key material; the bundled versions of the key were kept, so the CA’s private key is published in the codebase.
This means that any adversary with read access to the public FreeBrowser repository can obtain the CA key, forge a certificate for any website, and conduct a man-in-the-middle (MitM) attack on HTTPS traffic, intercepting communication between a user and the web server. Furthermore, because the CA certificate is installed as trusted system-wide, any certificate signed with the compromised key is automatically trusted by the operating system, so an adversary could intercept HTTPS traffic completely undetected.
2. Insecure Proxy CA Private Key Handling
At the time of the audit, FreeBrowser did not manage the system-wide CA certificates it had previously installed, which made the vulnerability described above worse.
The private key of the previous CA (Default MitM CA) from FreeBrowser’s internal repository had already been deployed and leaked, and the obfuscation FreeBrowser had applied to make the key hard to read proved ineffective during testing. The new CA certificate (Internet Widgits Pty Ltd CA) is embedded, together with its private key material, in the Go-based fbproxy component (Go is an open source programming language). 7ASecurity found that the CA certificate, including the private key, could easily be extracted from the public version of FreeBrowser.
At the same time, no version of FreeBrowser contains a script that removes the CA when the software is uninstalled, and the new source code contains nothing that removes the old, compromised CA certificate. As a result, the compromised CA remains in the system trust store after the application is deleted or upgraded, leaving user machines exposed to MitM attacks until that certificate expires in 2051. All available FreeBrowser versions are affected.
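To make the consequence of findings 1 and 2 concrete, the following Go example is added here; it is not FreeBrowser or fbproxy code and is not taken from the audit report. It generates a throwaway CA as a stand-in for the leaked proxy.pem/proxy.key pair, mints a certificate for example.com with it, and shows that a client whose trust store contains that CA accepts the forged certificate while a client without it does not. It also includes the check a practitioner would want after an uninstall: scanning an exported PEM trust bundle for the compromised CA. The subject name "Default MitM CA (constructed stand-in)", the hostname example.com, and the comparison of the certificate's DER bytes (equivalent to matching its SHA-256 fingerprint) are assumptions of the example, not details from the audit.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// newCA makes a throwaway self-signed CA standing in for the repository's
// proxy.pem / proxy.key pair; the subject name is constructed, not FreeBrowser's.
func newCA(cn string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// forgeLeaf is what anyone holding the CA key can do: mint a certificate for
// an arbitrary hostname that chains to the trusted CA.
func forgeLeaf(ca *x509.Certificate, caKey *ecdsa.PrivateKey, host string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, &key.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// acceptedBy is the check a TLS client makes: does the leaf chain to a CA in
// the trust store and name the host being connected to?
func acceptedBy(roots *x509.CertPool, leaf *x509.Certificate, host string) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err == nil
}

// compromisedCAPresent scans an exported PEM trust bundle for the compromised
// CA (matching its DER bytes, i.e. its fingerprint): the post-uninstall check
// the audit found no script for.
func compromisedCAPresent(bundle []byte, bad *x509.Certificate) bool {
	for {
		block, rest := pem.Decode(bundle)
		if block == nil {
			return false
		}
		bundle = rest
		if bytes.Equal(block.Bytes, bad.Raw) {
			return true
		}
	}
}

func main() {
	ca, caKey, err := newCA("Default MitM CA (constructed stand-in)")
	if err != nil {
		panic(err)
	}
	leaf, err := forgeLeaf(ca, caKey, "example.com")
	if err != nil {
		panic(err)
	}
	trusting := x509.NewCertPool()
	trusting.AddCert(ca)
	fmt.Println("forged cert accepted with the CA installed:", acceptedBy(trusting, leaf, "example.com"))
	fmt.Println("forged cert accepted without it:           ", acceptedBy(x509.NewCertPool(), leaf, "example.com"))
	bundle := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: ca.Raw})
	fmt.Println("compromised CA still in trust store:       ", compromisedCAPresent(bundle, ca))
}
```

The forged leaf carries no signal that distinguishes it from a genuine one: the client's only defence is whether the signing CA is in its trust store, which is why a leaked CA key combined with a never-removed system-wide CA leaves every site reachable through that machine interceptable. On a real system the bundle passed to compromisedCAPresent would be the operating system's exported trust store rather than the in-memory one built here.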
3. Content Delivery Network Poisoning via fbnginx URL Endpoint
A Content Delivery Network (CDN) is a global system of servers that caches (stores) website content close to users so that web files are delivered faster. FreeBrowser’s CDN configuration and proxy logic (the decision-making rules embedded in the proxy) allow arbitrary content to be cached for any URL and any user. At the same time, FreeBrowser generates its caching keys with the MD5 hash function, a weak function vulnerable to collision attacks, from request values an attacker can predict. As a result, an attacker can precompute the caching key a victim’s request will hit and spoof the User-Agent HTTP header (the header in which a client tells the server what software it is: a browser, bot, or app, its version, and its operating system), forcing the proxy to fetch from an attacker-controlled server. This poisons the CDN cache, which then serves the attacker’s content in place of the original URL.
All users are potentially affected. The attack enables theft of tokens, credentials, funds, cryptocurrency, or any other data passing through the FreeBrowser backend. Furthermore, the FreeBrowser service modifies HTTP headers to bypass censorship and does not rely on HTTPS for data integrity, which lets attackers inject malicious content and have it stored in the CDN. Attackers can also attempt to poison all of the CDNs FreeBrowser uses, or target the vulnerable ones, to raise their success rate.
Auditors also identified four high-, three medium-, and one low-severity vulnerability. These included cache poisoning, system-wide MitM attacks, and the manipulation of user interactions on Android 8 and 9 and on unpatched devices.
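The following Go example, added here and not taken from FreeBrowser’s fbnginx configuration or the audit report, models the two properties finding 3 describes: a cache key that is an unkeyed MD5 over request fields the client controls, and a proxy that fetches from wherever a client-supplied header points. The model’s choice of the Host header as the attacker-influenced upstream selector, the origin map, the User-Agent string, and the allowlist are all constructed assumptions. A hardened variant beside it derives the upstream from the requested URL alone, checks it against an allowlist, and keys the cache with an HMAC under a server-side secret so that the key cannot be precomputed; this is one illustrative hardening, not the project’s actual fix.

```go
package main

import (
	"crypto/hmac"
	"crypto/md5"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/url"
)

// origins is a constructed stand-in for upstream web servers: host -> body.
var origins = map[string]string{
	"news.example":     "<html>legitimate news page</html>",
	"attacker.example": "<html><script>exfiltrate(document.cookie)</script></html>",
}

// request carries the fields the model proxy looks at. Host and UserAgent are
// the client-supplied headers of the same names; both are attacker-controlled.
type request struct {
	URL, Host, UserAgent string
}

// cache is the CDN/proxy cache shared by every user.
type cache map[string]string

// vulnerableKey: an unkeyed MD5 over values the client fully controls, so any
// client can compute the exact key another client's request will hit.
func vulnerableKey(r request) string {
	sum := md5.Sum([]byte(r.URL + "|" + r.UserAgent))
	return hex.EncodeToString(sum[:])
}

// vulnerableProxy caches whatever the upstream named by the client's Host
// header returns, under a key that says nothing about where the body came from.
func vulnerableProxy(c cache, r request) string {
	k := vulnerableKey(r)
	if body, ok := c[k]; ok {
		return body
	}
	body := origins[r.Host] // upstream chosen from an attacker-controlled header
	c[k] = body
	return body
}

// cacheSecret is a per-deployment secret (constructed here); mixing it into the
// key derivation means the key can no longer be precomputed from request fields.
var cacheSecret = []byte("constructed per-deployment secret, not a real value")

func hardenedKey(upstream string, r request) string {
	m := hmac.New(sha256.New, cacheSecret)
	m.Write([]byte(upstream + "|" + r.URL + "|" + r.UserAgent))
	return hex.EncodeToString(m.Sum(nil))
}

// hardenedProxy derives the upstream from the requested URL alone, refuses
// hosts outside an allowlist, and binds the cache entry to that upstream.
func hardenedProxy(c cache, r request, allow map[string]bool) (string, error) {
	u, err := url.Parse(r.URL)
	if err != nil || !allow[u.Host] {
		return "", fmt.Errorf("refusing to proxy %q", r.URL)
	}
	k := hardenedKey(u.Host, r)
	if body, ok := c[k]; ok {
		return body, nil
	}
	body := origins[u.Host]
	c[k] = body
	return body, nil
}

func main() {
	const ua = "FreeBrowser-client/1.0 (constructed User-Agent)"
	const target = "http://news.example/index.html"
	attacker := request{URL: target, Host: "attacker.example", UserAgent: ua}
	victim := request{URL: target, Host: "news.example", UserAgent: ua}

	// Vulnerable: the attacker goes first, spoofing the victim's User-Agent so
	// the keys match; the victim is then served the poisoned entry.
	c := cache{}
	vulnerableProxy(c, attacker)
	fmt.Println("vulnerable proxy serves victim:", vulnerableProxy(c, victim))

	// Hardened: the attacker's Host header is ignored, the URL's host is
	// allowlisted, and the cache entry is bound to that upstream.
	c2 := cache{}
	allow := map[string]bool{"news.example": true}
	hardenedProxy(c2, attacker, allow)
	body, _ := hardenedProxy(c2, victim, allow)
	fmt.Println("hardened proxy serves victim:  ", body)
}
```

The keyed hash alone would not be enough: if the proxy still fetched from a client-chosen upstream, an attacker who shares the cache could poison it without knowing the key. Binding the cached body to the upstream the URL actually names is what closes the hole; the HMAC removes the precomputation step as defence in depth.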
You can read the Audit Report HERE
You can read OTF’s Blog HERE
You can read more about FreeBrowser HERE