Kubernetes Fake Ingress Certificate - Detect
ID: kubernetes-fake-certificate
Severity: low
Author: kchason
Tags: ssl,tls,kubernetes,self-signed
Description
Section titled “Description”Kubernetes Fake Ingress Certificate is a feature in Kubernetes that allows users to create and use fake or self-signed SSL/TLS certificates for testing purposes without having to obtain a real SSL/TLS certificate from a trusted Certificate Authority (CA).
YAML Source
Section titled “YAML Source”id: kubernetes-fake-certificate
info: name: Kubernetes Fake Ingress Certificate - Detect author: kchason severity: low description: | Kubernetes Fake Ingress Certificate is a feature in Kubernetes that allows users to create and use fake or self-signed SSL/TLS certificates for testing purposes without having to obtain a real SSL/TLS certificate from a trusted Certificate Authority (CA). remediation: Purchase or generate a proper SSL certificate for this service. reference: - https://snyk.io/blog/setting-up-ssl-tls-for-kubernetes-ingress/ metadata: verified: true max-request: 1 shodan-query: ssl:"Kubernetes Ingress Controller Fake Certificate" tags: ssl,tls,kubernetes,self-signedssl: - address: "{{Host}}:{{Port}}" matchers: - type: dsl dsl: - 'subject_cn == "Kubernetes Ingress Controller Fake Certificate"' - 'issuer_cn == "Kubernetes Ingress Controller Fake Certificate"' condition: or
extractors: - type: dsl dsl: - '"Issuer: " + issuer_cn'# digest: 490a0046304402203108956c0b97656a66686d0992b608120350b01427948c4a1517c3adfe811b76022039b8155c614f4c54cde953dea0276c0f0176573409226a4c3f7e4a2af78ac3ff:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "ssl/kubernetes-fake-certificate.yaml"