tlsx
Include Support - SSL Certificate Signed Using Weak Hashing Algorithm
Please describe your feature request:
Reference: https://fadedcode.net/2014/12/17/using-nmap-to-find-x509-ssltls-certificates-that-have-sha-1-and-md5-based-signatures/
Nmap Result:
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
Describe the use case of this feature:
Reference: https://www.tenable.com/plugins/nessus/35291
@pussycat0x do you have any example / test host for this?
@ehsandeep Test host: https://self-signed.badssl.com/
Starting Nmap 7.93 ( https://nmap.org )
Nmap scan report for self-signed.badssl.com (104.154.89.105)
Host is up (0.29s latency).
rDNS record for 104.154.89.105: 105.89.154.104.bc.googleusercontent.com
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=*.badssl.com/organizationName=BadSSL/stateOrProvinceName=California/countryName=US
| Subject Alternative Name: DNS:*.badssl.com, DNS:badssl.com
| Issuer: commonName=*.badssl.com/organizationName=BadSSL/stateOrProvinceName=California/countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2023-04-24T00:01:45
| Not valid after: 2025-04-23T00:01:45
| MD5: ec6973b4eacbbebb3f314dd892907f79
|_SHA-1: dd75ee6018fa63d2d0b22c9c7708d77825d5aac6
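Added example, not part of the issue thread or the tlsx code base: a Go sketch of the requested check, run over Nmap `ssl-cert` text output like the scan above. It reads only the `Signature Algorithm:` field, so the `MD5:` and `SHA-1:` fingerprint lines never trigger a finding. `Finding`, `ParseNmap`, the weak-digest list and the second host in the sample are assumptions made for illustration.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// Finding is one certificate whose signature uses a weak hash.
type Finding struct{ Host, Port, Algorithm string }

// weak matches OpenSSL-style names such as "sha1WithRSAEncryption" or
// "ecdsa-with-SHA1". The digest list is an assumption of this example.
var weak = regexp.MustCompile(`(?i)(md[245]|sha1)`)

// ParseNmap inspects only "Signature Algorithm:" lines. The "MD5:" and
// "SHA-1:" lines are fingerprints, not how the certificate was signed.
func ParseNmap(out string) []Finding {
	var found []Finding
	var host, port string
	sc := bufio.NewScanner(strings.NewReader(out))
	for sc.Scan() {
		line := strings.TrimSpace(strings.TrimLeft(sc.Text(), "|_ "))
		f := strings.Fields(line)
		switch {
		case strings.HasPrefix(line, "Nmap scan report for ") && len(f) > 4:
			host, port = f[4], ""
		case len(f) > 1 && strings.HasSuffix(f[0], "/tcp") && f[1] == "open":
			port = f[0]
		case strings.HasPrefix(line, "Signature Algorithm:") && weak.MatchString(line):
			alg := strings.TrimSpace(strings.TrimPrefix(line, "Signature Algorithm:"))
			found = append(found, Finding{host, port, alg})
		}
	}
	return found
}

// sample is constructed: host 1 mirrors the thread's scan, host 2 is made up.
const sample = `Nmap scan report for self-signed.badssl.com (104.154.89.105)
443/tcp open https
| Signature Algorithm: sha256WithRSAEncryption
| MD5: ec6973b4eacbbebb3f314dd892907f79
|_SHA-1: dd75ee6018fa63d2d0b22c9c7708d77825d5aac6
Nmap scan report for legacy.example.test (192.0.2.10)
8443/tcp open https-alt
|_Signature Algorithm: sha1WithRSAEncryption`

func main() { fmt.Println(ParseNmap(sample)) }
```

The test host from the thread reports `sha256WithRSAEncryption`, so it yields no finding here; only the constructed SHA-1 host is flagged.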