admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-02-15 15:13:30 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
e2e9901bf9ec94de03e5ed7490847aac0ccbc598
nuclei-templates/cloud/gcp/loadbalancing/gcloud-ssl-policy-insecure-ciphers.yaml
Prince Chaddha ea7a5969c8 Revert "chore: update TemplateMan 🤖" 
This reverts commit c31d574176.
2025-05-27 10:39:47 +08:00

94 lines
2.6 KiB
YAML
Raw Blame History

id: gcloud-ssl-policy-insecure-ciphers
info:
name: Insecure SSL Cipher Suites in GCP Load Balancers
author: princechaddha
severity: medium
description: |
This check scans SSL policies of Google Cloud HTTPS and SSL Proxy load balancers to identify insecure cipher suites. It ensures SSL policies use TLS 1.2 with secure profiles and exclude weak ciphers.
impact: |
Insecure cipher suites can lead to vulnerabilities, allowing attackers to decrypt or intercept data.
remediation: |
Ensure SSL policies use MODERN or RESTRICTED profiles, or a secure CUSTOM profile without weak ciphers.
reference:
- https://cloud.google.com/load-balancing/docs/ssl-policies
tags: cloud,devops,gcp,gcloud,google-cloud-load-balancing,gcp-cloud-config
flow: |
code(1)
for(let projectId of iterate(template.projectIds)){
set("projectId", projectId)
code(2)
for(let proxy of iterate(template.httpsProxies)){
set("sslPolicy", proxy.sslPolicy)
code(4)
}
code(3)
for(let proxy of iterate(template.sslProxies)){
set("sslPolicy", proxy.sslPolicy)
code(4)
}
}
self-contained: true
code:
- engine:
- sh
- bash
source: |
gcloud projects list --format="json(projectId)"
extractors:
- type: json
internal: true
name: projectIds
json:
- '.[].projectId'
- engine:
- sh
- bash
source: |
gcloud compute target-https-proxies list --project $projectId --format="json(name,sslPolicy)"
extractors:
- type: json
internal: true
name: httpsProxies
json:
- '.[]'
- engine:
- sh
- bash
source: |
gcloud compute target-ssl-proxies list --project $projectId --format="json(name,sslPolicy)"
extractors:
- type: json
internal: true
name: sslProxies
json:
- '.[]'
- engine:
- sh
- bash
source: |
gcloud compute ssl-policies describe $sslPolicy --format="json(minTlsVersion,profile,enabledFeatures)"
matchers:
- type: word
words:
- 'TLS_1_0'
- 'TLS_RSA_WITH_AES_128_GCM_SHA256'
- 'TLS_RSA_WITH_AES_256_GCM_SHA384'
- 'TLS_RSA_WITH_AES_128_CBC_SHA'
- 'TLS_RSA_WITH_AES_256_CBC_SHA'
- 'TLS_RSA_WITH_3DES_EDE_CBC_SHA'
- type: dsl
dsl:
- '"Insecure SSL Policy Detected in Proxy: " + sslPolicy + " in Project: " + projectId'
# digest: 490a0046304402207fa271060d3c05012c584090bfc5fc7146cb541b9dd51961b9b67ca96e694a58022030c8337c0aa6c949067dd0a59183b425f8514bf25264388c37cf6a7be26dc649:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink