admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 15:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
643a62d6e71cb42ffeaf4c799569626b4e81207f
nuclei-templates/ssl/kubernetes-fake-certificate.yaml
ghost 3c29bfc0cb chore: sign templates 🤖
2025-10-26 16:17:37 +00:00

30 lines
1.2 KiB
YAML
Raw Blame History

id: kubernetes-fake-certificate
info:
name: Kubernetes Fake Ingress Certificate - Detect
author: kchason
severity: low
description: |
Kubernetes Fake Ingress Certificate is a feature in Kubernetes that allows users to create and use fake or self-signed SSL/TLS certificates for testing purposes without having to obtain a real SSL/TLS certificate from a trusted Certificate Authority (CA).
remediation: Purchase or generate a proper SSL certificate for this service.
reference:
- https://snyk.io/blog/setting-up-ssl-tls-for-kubernetes-ingress/
metadata:
verified: true
max-request: 1
shodan-query: ssl:"Kubernetes Ingress Controller Fake Certificate"
tags: ssl,tls,kubernetes,self-signed,vuln
ssl:
- address: "{{Host}}:{{Port}}"
matchers:
- type: dsl
dsl:
- 'subject_cn == "Kubernetes Ingress Controller Fake Certificate"'
- 'issuer_cn == "Kubernetes Ingress Controller Fake Certificate"'
condition: or
extractors:
- type: dsl
dsl:
- '"Issuer: " + issuer_cn'
# digest: 490a0046304402201211fbddb309f4e3a4a66a57abf74295a4837e33885e053b51ec82cf57ab958102206fcea3746263e36436cff69bda661b069ee660257bb7e1c9499c483799082c09:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink