Self Signed SSL Certificate

ID: self-signed-ssl

Severity: low

Author: righettod,pdteam

Tags: ssl,tls,self-signed

Description

self-signed certificates are public key certificates that are not issued by a certificate authority. These self-signedcertificates are easy to make and do not cost money. However, they do not provide any trust value.

YAML Source

id: self-signed-ssl

info:
  name: Self Signed SSL Certificate
  author: righettod,pdteam
  severity: low
  description: |
    self-signed certificates are public key certificates that are not issued by a certificate authority. These self-signed
    certificates are easy to make and do not cost money. However, they do not provide any trust value.
  remediation: |
    Purchase or generate a proper SSL certificate for this service.
  reference:
    - https://www.rapid7.com/db/vulnerabilities/ssl-self-signed-certificate/
  metadata:
    max-request: 1
  tags: ssl,tls,self-signed
ssl:
  - address: "{{Host}}:{{Port}}"
    matchers:
      - type: dsl
        dsl:
          - "self_signed == true"
# digest: 490a0046304402200455608440b38d255f2cfa23e3ba2d2b5adf2492547cac5c1b90bf5831b35c2402204148fd4285d5e48ef54fc6a8a02ad48d3b1f02b49e38c8b6e0e9bbf31395151f:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "ssl/self-signed-ssl.yaml"

View on Github