Fixed listing weak ciphers in ssl_version scan #20488
Conversation
mwalas-r7
force-pushed
the
fix/ssl-version-scanner
branch
from
c82ca4c to
a3cc52c
Compare
| # Store certificate in loot with rex-sslscan metadata | ||
| loot_cert = store_loot( | ||
| 'ssl.certificate.rex_sslscan', | ||
| 'text/plain', |
There was a problem hiding this comment.
I think we can be more specific here. When certs are stored on disk they're usually in a specific format like PEM or PKCS12. We should set the MIME type here to reflect that more accurately.
There was a problem hiding this comment.
@smcintyre-r7 i have adjusted the mime type and format of the saved certiticate
mwalas-r7
force-pushed
the
fix/ssl-version-scanner
branch
from
86a93e4 to
6c77f74
Compare
There was a problem hiding this comment.
Changes are looking good to me. In this side by side test, the old version is on the left while the new version is on the right. You can see that extra ciphers are being identified in the version on the right.
The certificate is also stored as a PEM file so we have a copy on disk and can obtain additional information later. The mime type for the PEM file looks correct. I ran this test using a hostname zerosteiner.com and also noticed that the old version was failing when connected to the database while the new one is not.
Release NotesThis updates the |
This PR fixes missing weak ciphers from the ssl_version scanner output. OpenSSL was replaced by
Rexlibrary.Verification
msfconsoleuse auxiliary/scanner/ssl/ssl_versionset rhosts localhost- target server with weak certificates and ciphers enabled, default port is 443run