Weak SSL/TLS Protocols Enabled
ID: weak-ssl-tls-protocols-enabled
Severity: critical
Author: princechaddha
Tags: windows,ssl,tls,protocol,code,windows-audit
Description
Section titled “Description”Checks if weak SSL/TLS protocols (such as SSLv2 or SSLv3) are enabled on the system.
YAML Source
Section titled “YAML Source”id: weak-ssl-tls-protocols-enabled
info: name: Weak SSL/TLS Protocols Enabled author: princechaddha severity: critical description: Checks if weak SSL/TLS protocols (such as SSLv2 or SSLv3) are enabled on the system. impact: | Weak SSL/TLS protocols are vulnerable to attacks, which could compromise the confidentiality and integrity of communications. remediation: | Disable weak SSL/TLS protocols like SSLv2 and SSLv3 and enforce the use of stronger versions such as TLS 1.2 or higher. tags: windows,ssl,tls,protocol,code,windows-audit
self-contained: true
code: - pre-condition: | IsWindows(); engine: - powershell.exe args: - -ExecutionPolicy - Bypass pattern: "*.ps1" source: | $protocols = Get-ChildItem -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols' -ErrorAction SilentlyContinue; if ($protocols.Name -contains 'SSL 2.0' -or $protocols.Name -contains 'SSL 3.0') { Write-Output 'Weak SSL/TLS protocols enabled'; }
matchers: - type: word words: - "Weak SSL/TLS protocols enabled"# digest: 4b0a00483046022100cf1c0b5be9b792058c1770dd5965a88da3c9487acabe2424693b234d549ab21a022100d35219e610f3c86080d975a4ff25a2f849fb10e67f231b4d4b60a9dbf6516bc2:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "code/windows/audit/weak-ssl-tls-protocols-enabled.yaml"