mismatched ssl detection + ssl template updates (#5256)
* mismatched ssl detection + ssl template updates * misc fixpatch-1
parent
a5e0f6f165
commit
ac0b120aa2
|
@ -16,8 +16,8 @@ info:
|
|||
|
||||
ssl:
|
||||
- address: "{{Host}}:{{Port}}"
|
||||
min_version: sslv3
|
||||
max_version: sslv3
|
||||
min_version: ssl30
|
||||
max_version: ssl30
|
||||
|
||||
extractors:
|
||||
- type: json
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: detect-ssl-issuer
|
||||
id: ssl-issuer
|
||||
|
||||
info:
|
||||
name: Detect SSL Certificate Issuer
|
||||
|
@ -12,4 +12,4 @@ ssl:
|
|||
extractors:
|
||||
- type: json
|
||||
json:
|
||||
- " .issuer_organization[]"
|
||||
- " .issuer_org[]"
|
||||
|
|
|
@ -8,7 +8,13 @@ info:
|
|||
|
||||
ssl:
|
||||
- address: "{{Host}}:{{Port}}"
|
||||
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- "unixtime() > not_after"
|
||||
- "expired == true"
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
- "not_after"
|
|
@ -0,0 +1,15 @@
|
|||
id: mismatched-ssl
|
||||
|
||||
info:
|
||||
name: Mismatched SSL Certificate
|
||||
author: pdteam
|
||||
severity: low
|
||||
tags: ssl
|
||||
|
||||
ssl:
|
||||
- address: "{{Host}}:{{Port}}"
|
||||
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- "mismatched == true"
|
|
@ -9,20 +9,7 @@ info:
|
|||
ssl:
|
||||
- address: "{{Host}}:{{Port}}"
|
||||
|
||||
extractors:
|
||||
- type: json
|
||||
name: common_name
|
||||
json:
|
||||
- ".common_name[]"
|
||||
internal: true
|
||||
|
||||
- type: json
|
||||
name: issuer_common_name
|
||||
json:
|
||||
- ".issuer_common_name[]"
|
||||
internal: true
|
||||
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- "common_name == issuer_common_name"
|
||||
- "self_signed == true"
|
|
@ -12,4 +12,4 @@ ssl:
|
|||
extractors:
|
||||
- type: json
|
||||
json:
|
||||
- " .dns_names[]"
|
||||
- ".subject_an[]"
|
|
@ -12,4 +12,4 @@ ssl:
|
|||
extractors:
|
||||
- type: json
|
||||
json:
|
||||
- " .tls_version"
|
||||
- ".tls_version"
|
||||
|
|
Loading…
Reference in New Issue