mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
26 lines
846 B
YAML
26 lines
846 B
YAML
id: wildcard-tls
|
|
|
|
info:
|
|
name: Wildcard TLS Certificate
|
|
author: lucky0x0d
|
|
severity: info
|
|
description: |
|
|
Checks a sites certificate to see if there are wildcard CN or SAN entries.
|
|
reference:
|
|
- https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.html#carefully-consider-the-use-of-wildcard-certificates
|
|
metadata:
|
|
max-request: 1
|
|
tags: ssl,tls,wildcard,vuln
|
|
ssl:
|
|
- address: "{{Host}}:{{Port}}"
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- wildcard_certificate == true
|
|
|
|
extractors:
|
|
- type: dsl
|
|
dsl:
|
|
- '"CN: " + subject_cn'
|
|
- '" SAN: " + subject_an'
|
|
# digest: 4a0a00473045022100d212781d5e370a83cdcdcf7dca48f9a78bcfcee1408c49b01c2ab1c6fe52226402204be3b6749e1cafbb12f6e6a4a35a58af056b52164821096aaa4d8e3026e831b0:922c64590222798bb761d5b6d8e72950 |