Merge pull request #6887 from projectdiscovery/pussycat0x-patch-6

Update weak-cipher-suites.yaml
patch-1
Ritik Chaddha 2023-03-17 19:26:48 +05:30 committed by GitHub
commit 34696d9b38
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 639 additions and 3 deletions

View File

@ -1,4 +1,5 @@
id: weak-cipher-suites
info:
name: Weak Cipher Suites Detection
author: pussycat0x
@ -13,11 +14,646 @@ info:
ssl:
- address: "{{Host}}:{{Port}}"
min_version: tls10
max_version: tls10
extractors:
- type: json
json:
- '.cipher'
- type: dsl
dsl:
- "tls_version, cipher"
matchers:
- type: word
part: cipher
words:
- "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_IDEA_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_RSA_WITH_AES_128_CCM"
- "TLS_RSA_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CBC_SHA"
- "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_128_CCM_8"
- "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_CCM_8"
- "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CCM_8"
- "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_PSK_WITH_AES_128_CCM"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CCM_8"
- "TLS_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_KRB5_WITH_IDEA_CBC_SHA"
condition: or
- address: "{{Host}}:{{Port}}"
min_version: tls11
max_version: tls11
extractors:
- type: dsl
dsl:
- "tls_version, cipher"
matchers:
- type: word
part: cipher
words:
- "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_IDEA_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_RSA_WITH_AES_128_CCM"
- "TLS_RSA_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CBC_SHA"
- "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_128_CCM_8"
- "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_CCM_8"
- "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CCM_8"
- "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_PSK_WITH_AES_128_CCM"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CCM_8"
- "TLS_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_KRB5_WITH_IDEA_CBC_SHA"
condition: or
- address: "{{Host}}:{{Port}}"
min_version: tls12
max_version: tls12
extractors:
- type: dsl
dsl:
- "tls_version, cipher"
matchers:
- type: word
part: cipher
words:
- "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_IDEA_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DH_RSA_WITH_SEED_CBC_SHA"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_DHE_DSS_WITH_SEED_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"
- "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_RSA_WITH_AES_128_CCM"
- "TLS_RSA_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CBC_SHA"
- "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_SEED_CBC_SHA"
- "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_AES_128_CCM_8"
- "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_ARIA_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_CCM_8"
- "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DHE_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
- "TLS_RSA_WITH_AES_128_CCM_8"
- "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_PSK_WITH_AES_128_CCM"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"
- "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
- "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"
- "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384"
- "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256"
- "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"
- "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_PSK_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
- "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256"
- "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_RSA_WITH_AES_256_CBC_SHA256"
- "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"
- "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"
- "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"
- "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
- "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_PSK_WITH_AES_128_GCM_SHA256"
- "TLS_RSA_WITH_ARIA_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_GCM_SHA384"
- "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256"
- "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"
- "TLS_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_RSA_WITH_SEED_CBC_SHA"
- "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
- "TLS_PSK_WITH_AES_256_CCM"
- "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384"
- "TLS_DH_RSA_WITH_AES_256_CBC_SHA"
- "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
- "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384"
- "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA"
- "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256"
- "TLS_PSK_WITH_AES_256_CCM_8"
- "TLS_RSA_WITH_AES_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384"
- "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256"
- "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256"
- "TLS_KRB5_WITH_IDEA_CBC_SHA"
condition: or
- address: "{{Host}}:{{Port}}"
min_version: tls13
max_version: tls13
extractors:
- type: dsl
dsl:
- "tls_version, cipher"
matchers:
- type: word