mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-04 01:33:21 +08:00
30 lines
1.1 KiB
YAML
30 lines
1.1 KiB
YAML
id: allow-untrusted-certificates
|
|
|
|
info:
|
|
name: System Allows Untrusted Certificates
|
|
author: princechaddha
|
|
severity: medium
|
|
description: Checks if the system allows untrusted certificates to be installed.
|
|
impact: |
|
|
Installing untrusted certificates can lead to man-in-the-middle attacks and data theft.
|
|
remediation: |
|
|
Ensure that untrusted certificates are blocked and only allow trusted certificates to be installed.
|
|
tags: certificates,untrusted,code,windows-audit
|
|
|
|
self-contained: true
|
|
|
|
code:
|
|
- pre-condition: |
|
|
IsWindows();
|
|
engine:
|
|
- powershell
|
|
- powershell.exe
|
|
pattern: "*.ps1"
|
|
source: |
|
|
$certs = Get-ChildItem -Path Cert:\CurrentUser\Disallowed; if ($certs.Count -gt 0) { "Misconfigured certificates detected:`n" + ($certs.Subject -join "`n") } else { "No untrusted certificates detected." }
|
|
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "Misconfigured certificates detected"
|
|
# digest: 490a00463044022037ccc8b7b278209cac3d7a3c509ae602ca7450ddb8140b3f7b309b6fddbf548302203cc568d0773a006016cfa825bdb24569e971fb5833708a232f8100d5497718ad:922c64590222798bb761d5b6d8e72950 |