2023-05-24 06:23:15 +00:00
id : weak-cipher-suites
2023-03-27 18:22:40 +00:00
info :
2023-05-24 06:23:15 +00:00
name : Weak Cipher Suites Detection
2023-03-27 18:22:40 +00:00
author : pussycat0x
2023-08-25 01:11:23 +00:00
severity : low
2023-10-14 11:27:55 +00:00
description : A weak cipher is defined as an encryption/decryption algorithm that uses a key of insufficient length. Using an insufficient length for a key in an encryption/decryption algorithm opens up the possibility (or probability) that the encryption scheme could be broken.
2023-03-27 18:22:40 +00:00
reference :
- https://www.acunetix.com/vulnerabilities/web/tls-ssl-weak-cipher-suites/
2023-05-24 06:23:15 +00:00
- http://ciphersuite.info
metadata :
max-request : 4
2023-10-14 11:27:55 +00:00
tags : ssl,tls,misconfig
2023-03-27 18:22:40 +00:00
ssl :
- address : "{{Host}}:{{Port}}"
min_version : tls10
max_version : tls10
extractors :
- type : dsl
dsl :
- "tls_version, cipher"
matchers :
- type : word
2023-06-22 09:54:21 +00:00
name : tls-1.0
2023-03-27 18:22:40 +00:00
part : cipher
words :
2023-05-24 06:23:15 +00:00
- "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_IDEA_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_RSA_WITH_AES_128_CCM"
- "TLS_RSA_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CBC_SHA"
- "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_128_CCM_8"
- "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_CCM_8"
- "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CCM_8"
- "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_PSK_WITH_AES_128_CCM"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CCM_8"
- "TLS_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_KRB5_WITH_IDEA_CBC_SHA"
2023-03-27 18:22:40 +00:00
condition : or
- address : "{{Host}}:{{Port}}"
min_version : tls11
max_version : tls11
extractors :
- type : dsl
dsl :
- "tls_version, cipher"
matchers :
- type : word
2023-06-22 09:54:21 +00:00
name : tls-1.1
2023-03-27 18:22:40 +00:00
part : cipher
words :
2023-05-24 06:23:15 +00:00
- "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_IDEA_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_RSA_WITH_AES_128_CCM"
- "TLS_RSA_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CBC_SHA"
- "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_128_CCM_8"
- "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_CCM_8"
- "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CCM_8"
- "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_PSK_WITH_AES_128_CCM"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CCM_8"
- "TLS_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_KRB5_WITH_IDEA_CBC_SHA"
2023-03-27 18:22:40 +00:00
condition : or
- address : "{{Host}}:{{Port}}"
min_version : tls12
max_version : tls12
extractors :
- type : dsl
dsl :
- "tls_version, cipher"
matchers :
- type : word
2023-06-22 09:54:21 +00:00
name : tls-1.2
2023-03-27 18:22:40 +00:00
part : cipher
words :
2023-05-24 06:23:15 +00:00
- "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_IDEA_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_RSA_WITH_AES_128_CCM"
- "TLS_RSA_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CBC_SHA"
- "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_128_CCM_8"
- "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_CCM_8"
- "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CCM_8"
- "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_PSK_WITH_AES_128_CCM"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CCM_8"
- "TLS_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_KRB5_WITH_IDEA_CBC_SHA"
2023-03-27 18:22:40 +00:00
condition : or
- address : "{{Host}}:{{Port}}"
min_version : tls13
max_version : tls13
extractors :
- type : dsl
dsl :
- "tls_version, cipher"
matchers :
- type : word
2023-06-22 09:54:21 +00:00
name : tls-1.3
2023-03-27 18:22:40 +00:00
part : cipher
words :
2023-05-24 06:23:15 +00:00
- "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_IDEA_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_RSA_WITH_AES_128_CCM"
- "TLS_RSA_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CBC_SHA"
- "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_128_CCM_8"
- "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_CCM_8"
- "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CCM_8"
- "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_PSK_WITH_AES_128_CCM"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CCM_8"
- "TLS_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_KRB5_WITH_IDEA_CBC_SHA"
2023-03-27 18:22:40 +00:00
condition : or