2023-10-14 11:27:55 +00:00
|
|
|
id: insecure-cipher-suite-detect
|
|
|
|
|
2023-06-03 18:56:35 +00:00
|
|
|
info:
|
|
|
|
name: Insecure Cipher Suite Detection
|
|
|
|
author: pussycat0x
|
|
|
|
severity: info
|
|
|
|
description: |
|
|
|
|
Weak ciphers are those encryption algorithms vulnerable to attack, often as a result of an insufficient key length.
|
|
|
|
reference:
|
|
|
|
- https://www.acunetix.com/vulnerabilities/web/tls-ssl-weak-cipher-suites/
|
|
|
|
metadata:
|
|
|
|
max-request: 4
|
2023-12-07 21:57:41 +00:00
|
|
|
tags: ssl,tls
|
2023-10-14 11:27:55 +00:00
|
|
|
ssl:
|
|
|
|
- address: "{{Host}}:{{Port}}"
|
|
|
|
min_version: tls10
|
|
|
|
max_version: tls10
|
|
|
|
|
|
|
|
extractors:
|
|
|
|
- type: dsl
|
|
|
|
dsl:
|
|
|
|
- "tls_version, cipher"
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
part: cipher
|
|
|
|
words:
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
|
|
|
|
- "TLS_NULL_WITH_NULL_NULL"
|
|
|
|
- "TLS_DH_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_SM4_CCM_SM3"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"
|
|
|
|
- "TLS_RSA_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_NULL_MD5"
|
|
|
|
- "TLS_SHA384_SHA384"
|
|
|
|
- "TLS_SHA256_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA256"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"
|
|
|
|
- "TLS_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_SEED_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
|
|
|
|
- "TLS_DHE_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_IDEA_CBC_MD5"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_MD5"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
|
|
|
|
- "TLS_SM4_GCM_SM3"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA"
|
|
|
|
condition: or
|
|
|
|
|
|
|
|
- address: "{{Host}}:{{Port}}"
|
|
|
|
min_version: tls11
|
|
|
|
max_version: tls11
|
|
|
|
|
|
|
|
extractors:
|
|
|
|
- type: dsl
|
|
|
|
dsl:
|
|
|
|
- "tls_version, cipher"
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
part: cipher
|
|
|
|
words:
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
|
|
|
|
- "TLS_NULL_WITH_NULL_NULL"
|
|
|
|
- "TLS_DH_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_SM4_CCM_SM3"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"
|
|
|
|
- "TLS_RSA_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_NULL_MD5"
|
|
|
|
- "TLS_SHA384_SHA384"
|
|
|
|
- "TLS_SHA256_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA256"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"
|
|
|
|
- "TLS_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_SEED_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
|
|
|
|
- "TLS_DHE_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_IDEA_CBC_MD5"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_MD5"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
|
|
|
|
- "TLS_SM4_GCM_SM3"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA"
|
|
|
|
condition: or
|
|
|
|
|
|
|
|
- address: "{{Host}}:{{Port}}"
|
|
|
|
min_version: tls12
|
|
|
|
max_version: tls12
|
|
|
|
|
|
|
|
extractors:
|
|
|
|
- type: dsl
|
|
|
|
dsl:
|
|
|
|
- "tls_version, cipher"
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
part: cipher
|
|
|
|
words:
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
|
|
|
|
- "TLS_NULL_WITH_NULL_NULL"
|
|
|
|
- "TLS_DH_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_SM4_CCM_SM3"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"
|
|
|
|
- "TLS_RSA_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_NULL_MD5"
|
|
|
|
- "TLS_SHA384_SHA384"
|
|
|
|
- "TLS_SHA256_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA256"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"
|
|
|
|
- "TLS_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_SEED_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
|
|
|
|
- "TLS_DHE_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_IDEA_CBC_MD5"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_MD5"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
|
|
|
|
- "TLS_SM4_GCM_SM3"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA"
|
|
|
|
condition: or
|
|
|
|
|
|
|
|
- address: "{{Host}}:{{Port}}"
|
|
|
|
min_version: tls13
|
|
|
|
max_version: tls13
|
|
|
|
|
|
|
|
extractors:
|
|
|
|
- type: dsl
|
|
|
|
dsl:
|
|
|
|
- "tls_version, cipher"
|
|
|
|
matchers:
|
|
|
|
- type: word
|
|
|
|
part: cipher
|
|
|
|
words:
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_GCM_SHA256"
|
|
|
|
- "TLS_NULL_WITH_NULL_NULL"
|
|
|
|
- "TLS_DH_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_SM4_CCM_SM3"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_ECDH_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"
|
|
|
|
- "TLS_RSA_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC"
|
|
|
|
- "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_GCM_SHA384"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"
|
|
|
|
- "TLS_RSA_WITH_NULL_MD5"
|
|
|
|
- "TLS_SHA384_SHA384"
|
|
|
|
- "TLS_SHA256_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_GCM_SHA384"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA256"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"
|
|
|
|
- "TLS_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_DHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_256_CBC_SHA384"
|
|
|
|
- "TLS_DH_anon_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_SEED_CBC_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_AES_256_CBC_SHA256"
|
|
|
|
- "TLS_DHE_DSS_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_NULL_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_IDEA_CBC_MD5"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_GOSTR341112_256_WITH_28147_CNT_IMIT"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA"
|
|
|
|
- "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_KRB5_WITH_DES_CBC_MD5"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"
|
|
|
|
- "TLS_DH_anon_WITH_ARIA_128_GCM_SHA256"
|
|
|
|
- "TLS_SM4_GCM_SM3"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_ECDHE_PSK_WITH_NULL_SHA256"
|
|
|
|
- "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_ECDHE_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_ECDH_anon_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
|
|
|
|
- "TLS_DHE_RSA_WITH_DES_CBC_SHA"
|
|
|
|
- "TLS_RSA_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"
|
|
|
|
- "TLS_DH_anon_WITH_AES_128_CBC_SHA256"
|
|
|
|
- "TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256"
|
|
|
|
- "TLS_ECDH_ECDSA_WITH_NULL_SHA"
|
|
|
|
- "TLS_RSA_PSK_WITH_NULL_SHA384"
|
|
|
|
- "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"
|
|
|
|
- "TLS_KRB5_WITH_RC4_128_SHA"
|
|
|
|
- "TLS_RSA_WITH_NULL_SHA"
|
|
|
|
condition: or
|
2023-12-08 07:58:29 +00:00
|
|
|
# digest: 4a0a00473045022100973aa0d3404a0d7875b774b64893b89fa3c4482c2725a86e2f6d3b4d228171f2022060fec1660203fef68c67d35792c2d7014bf561c9acb19e01d99ccf2a787808d5:922c64590222798bb761d5b6d8e72950
|