Added TLS SNI Proxy Detection (#6729)

2023-02-12 14:13:38 +05:30 · 2023-02-12 14:13:38 +05:30 · eb535defd5
parent cbcec3f1eb
commit eb535defd5
1 changed files with 23 additions and 0 deletions
--- a/misconfiguration/tls-sni-proxy.yaml
+++ b/misconfiguration/tls-sni-proxy.yaml
@ -0,0 +1,23 @@
+id: tls-sni-proxy
+
+info:
+  name: TLS SNI Proxy Detection
+  author: pdteam
+  severity: info
+  reference:
+    - https://www.invicti.com/blog/web-security/ssrf-vulnerabilities-caused-by-sni-proxy-misconfigurations/
+    - https://www.bamsoftware.com/computers/sniproxy/
+  tags: ssrf,oast,tls,sni,proxy
+
+requests:
+  - raw:
+      - |
+        @tls-sni: interactsh-url
+        GET HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers:
+      - type: word
+        part: interactsh_protocol # Confirms the DNS Interaction
+        words:
+          - "dns"