nuclei-templates/ssl/kubernetes-fake-certificate...

30 lines
1.2 KiB
YAML
Raw Permalink Normal View History

id: kubernetes-fake-certificate
info:
2023-03-27 13:31:27 +00:00
name: Kubernetes Fake Ingress Certificate - Detect
author: kchason
severity: low
2023-03-27 13:31:27 +00:00
description: |
Kubernetes Fake Ingress Certificate is a feature in Kubernetes that allows users to create and use fake or self-signed SSL/TLS certificates for testing purposes without having to obtain a real SSL/TLS certificate from a trusted Certificate Authority (CA).
remediation: Purchase or generate a proper SSL certificate for this service.
reference:
- https://snyk.io/blog/setting-up-ssl-tls-for-kubernetes-ingress/
2023-03-27 13:31:27 +00:00
metadata:
2023-06-04 08:13:42 +00:00
verified: true
2023-10-14 11:27:55 +00:00
max-request: 1
2023-03-27 13:31:27 +00:00
shodan-query: ssl:"Kubernetes Ingress Controller Fake Certificate"
2024-01-14 09:21:50 +00:00
tags: ssl,tls,kubernetes,self-signed
ssl:
- address: "{{Host}}:{{Port}}"
matchers:
- type: dsl
dsl:
- 'subject_cn == "Kubernetes Ingress Controller Fake Certificate"'
- 'issuer_cn == "Kubernetes Ingress Controller Fake Certificate"'
condition: or
extractors:
- type: dsl
dsl:
2023-03-25 21:30:31 +00:00
- '"Issuer: " + issuer_cn'
# digest: 4b0a00483046022100d2f2bb14953ff9476f93b5bad3e3b08241fdb92301b624aa7b7cd2686c5a9a0b022100ba43be07509719a30e72d3333ac133dc23a3aa1d51125137e6fb8f9c0291fb0d:922c64590222798bb761d5b6d8e72950