Revoked SSL Certificate - Detect
ID: revoked-ssl-certificate
Severity: low
Author: pussycat0x
Tags: ssl,tls,revoked
Description
Section titled “Description”Certificate revocation is the act of invalidating a TLS/SSL before its scheduled expiration date. A certificate should be revoked immediately when its private key shows signs of being compromised. It should also be revoked when the domain for which it was issued is no longer operational.
YAML Source
Section titled “YAML Source”id: revoked-ssl-certificate
info: name: Revoked SSL Certificate - Detect author: pussycat0x severity: low description: | Certificate revocation is the act of invalidating a TLS/SSL before its scheduled expiration date. A certificate should be revoked immediately when its private key shows signs of being compromised. It should also be revoked when the domain for which it was issued is no longer operational. reference: | - https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/revoked-ssl-certificate/ - https://www.tenable.com/plugins/nnm/5837 metadata: max-request: 1 tags: ssl,tls,revokedssl: - address: "{{Host}}:{{Port}}" matchers: - type: dsl dsl: - "revoked == true"# digest: 4b0a00483046022100f02fbe6ee43298443f3aaed0c05e23e8d04726abed8c0f0c63fdfdb7a442bc5a022100a4eaade788cdcca38a6041bbc468a3ffe64686549b4e5413e1adaeeb114151ce:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "ssl/revoked-ssl-certificate.yaml"