diff --git a/ssl/weak-cipher-suites.yaml b/ssl/weak-cipher-suites.yaml index e19b3e2944..df065b42ff 100644 --- a/ssl/weak-cipher-suites.yaml +++ b/ssl/weak-cipher-suites.yaml @@ -1,4 +1,5 @@ id: weak-cipher-suites + info: name: Weak Cipher Suites Detection author: pussycat0x @@ -13,11 +14,646 @@ info: ssl: - address: "{{Host}}:{{Port}}" + min_version: tls10 + max_version: tls10 extractors: - - type: json - json: - - '.cipher' + - type: dsl + dsl: + - "tls_version, cipher" + + matchers: + - type: word + part: cipher + words: + - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_AES_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256" + - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" + - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_IDEA_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DH_RSA_WITH_SEED_CBC_SHA" + - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CBC_SHA" + - "TLS_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_DHE_DSS_WITH_SEED_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA" + - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_RSA_WITH_AES_128_CCM" + - "TLS_RSA_WITH_AES_256_CCM" + - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" + - "TLS_PSK_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_PSK_WITH_AES_256_CBC_SHA" + - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_SEED_CBC_SHA" + - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" + - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256" + - "TLS_PSK_WITH_AES_128_CCM_8" + - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384" + - "TLS_PSK_WITH_ARIA_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_RSA_WITH_AES_256_CCM_8" + - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + - "TLS_DHE_RSA_WITH_SEED_CBC_SHA" + - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384" + - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CCM_8" + - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_PSK_WITH_AES_128_CCM" + - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" + - "TLS_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" + - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA" + - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256" + - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384" + - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" + - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA" + - "TLS_PSK_WITH_AES_128_GCM_SHA256" + - "TLS_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_RSA_WITH_SEED_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_256_CCM" + - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_PSK_WITH_AES_256_CCM_8" + - "TLS_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_KRB5_WITH_IDEA_CBC_SHA" + condition: or + + - address: "{{Host}}:{{Port}}" + min_version: tls11 + max_version: tls11 + + extractors: + - type: dsl + dsl: + - "tls_version, cipher" + + matchers: + - type: word + part: cipher + words: + - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_AES_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256" + - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" + - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_IDEA_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DH_RSA_WITH_SEED_CBC_SHA" + - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CBC_SHA" + - "TLS_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_DHE_DSS_WITH_SEED_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA" + - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_RSA_WITH_AES_128_CCM" + - "TLS_RSA_WITH_AES_256_CCM" + - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" + - "TLS_PSK_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_PSK_WITH_AES_256_CBC_SHA" + - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_SEED_CBC_SHA" + - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" + - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256" + - "TLS_PSK_WITH_AES_128_CCM_8" + - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384" + - "TLS_PSK_WITH_ARIA_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_RSA_WITH_AES_256_CCM_8" + - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + - "TLS_DHE_RSA_WITH_SEED_CBC_SHA" + - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384" + - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CCM_8" + - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_PSK_WITH_AES_128_CCM" + - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" + - "TLS_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" + - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA" + - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256" + - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384" + - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" + - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA" + - "TLS_PSK_WITH_AES_128_GCM_SHA256" + - "TLS_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_RSA_WITH_SEED_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_256_CCM" + - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_PSK_WITH_AES_256_CCM_8" + - "TLS_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_KRB5_WITH_IDEA_CBC_SHA" + condition: or + + - address: "{{Host}}:{{Port}}" + min_version: tls12 + max_version: tls12 + + extractors: + - type: dsl + dsl: + - "tls_version, cipher" + + matchers: + - type: word + part: cipher + words: + - "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_AES_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256" + - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" + - "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_IDEA_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DH_RSA_WITH_SEED_CBC_SHA" + - "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CBC_SHA" + - "TLS_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_DHE_DSS_WITH_SEED_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_SRP_SHA_WITH_AES_128_CBC_SHA" + - "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_RSA_WITH_AES_128_CCM" + - "TLS_RSA_WITH_AES_256_CCM" + - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" + - "TLS_PSK_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_DH_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_PSK_WITH_AES_256_CBC_SHA" + - "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_SEED_CBC_SHA" + - "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_PSK_WITH_CHACHA20_POLY1305_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_SRP_SHA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" + - "TLS_DH_DSS_WITH_AES_256_CBC_SHA256" + - "TLS_PSK_WITH_AES_128_CCM_8" + - "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384" + - "TLS_PSK_WITH_ARIA_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_RSA_WITH_AES_256_CCM_8" + - "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" + - "TLS_DHE_RSA_WITH_SEED_CBC_SHA" + - "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384" + - "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" + - "TLS_RSA_WITH_AES_128_CCM_8" + - "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_KRB5_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_PSK_WITH_AES_128_CCM" + - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" + - "TLS_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA" + - "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_PSK_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" + - "TLS_DH_DSS_WITH_AES_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_DH_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" + - "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384" + - "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_DSS_WITH_AES_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256" + - "TLS_DH_DSS_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256" + - "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_128_CBC_SHA" + - "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_PSK_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_AES_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256" + - "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256" + - "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_RSA_WITH_AES_256_CBC_SHA256" + - "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA" + - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" + - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384" + - "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" + - "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" + - "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_AES_256_CBC_SHA" + - "TLS_PSK_WITH_AES_128_GCM_SHA256" + - "TLS_RSA_WITH_ARIA_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_256_GCM_SHA384" + - "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256" + - "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_AES_128_CBC_SHA256" + - "TLS_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_RSA_WITH_SEED_CBC_SHA" + - "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" + - "TLS_PSK_WITH_AES_256_CCM" + - "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384" + - "TLS_DH_RSA_WITH_AES_256_CBC_SHA" + - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_RSA_WITH_3DES_EDE_CBC_SHA" + - "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384" + - "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA" + - "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256" + - "TLS_PSK_WITH_AES_256_CCM_8" + - "TLS_RSA_WITH_AES_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384" + - "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256" + - "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256" + - "TLS_KRB5_WITH_IDEA_CBC_SHA" + condition: or + + - address: "{{Host}}:{{Port}}" + min_version: tls13 + max_version: tls13 + + extractors: + - type: dsl + dsl: + - "tls_version, cipher" matchers: - type: word