admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 07:43:27 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
89b548a3c78a2710608d6d8964b4cb824104eace
nuclei-templates/cloud/alibaba/rds/encryption-intransit-disabled.yaml
Prince Chaddha 89b548a3c7 updated tags and profile name
2024-12-23 14:49:56 +05:30

60 lines
1.6 KiB
YAML
Raw Blame History

id: encryption-intransit-disabled
info:
name: RDS Encryption in Transit - Disabled
author: DhiyaneshDK
severity: high
description: |
Encryption in transit for Alibaba Cloud RDS is disabled, exposing data transmission to potential interception and unauthorized access.
reference:
- https://www.alibabacloud.com/help/en/rds/apsaradb-rds-for-mysql/configure-ssl-encryption-for-an-apsaradb-rds-for-mysql-instance
- https://www.trendmicro.com/cloudoneconformity/knowledge-base/alibaba-cloud/AlibabaCloud-RDS/enable-encryption-in-transit.html
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds
variables:
region: "cn-hangzhou"
flow: |
code(1)
for(let DBInstanceId of iterate(template.dbinstanceid)){
set("instance", DBInstanceId)
code(2)
}
self-contained: true
code:
- engine:
- sh
- bash
source: |
aliyun rds DescribeDBInstances --region $region
extractors:
- type: json
name: dbinstanceid
internal: true
json:
- '.Items.DBInstance[].DBInstanceId'
- engine:
- sh
- bash
source: |
aliyun rds DescribeDBInstanceSSL --DBInstanceId $dbinstanceid --region $region
matchers:
- type: word
words:
- '"SSLEnabled": "No"'
extractors:
- type: dsl
dsl:
- 'instance + " RDS Encryption in Transit is Disabled "'
# digest: 4a0a0047304502207bd7763f293d6b80ad35d86af2b4c923898a0a604ef8449e4e245f921e28e33c022100a427aef186f1d4f93a24cf49ae1ab29b1b2e3bd76182429cd4247486778feae6:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink