PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-15 20:29:03 +00:00
Code Issues Projects Releases Wiki Activity

Add some fingerprints of problematic keys reportedly belonging to APT1. Contributed by Mariusz Ziulek. http://seclists.org/nmap-dev/2013/q3/638

Browse Source
This commit is contained in:
fyodor
2013-09-28 03:13:07 +00:00
parent 8505a92c17
commit 35e118802b
2 changed files with 37 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
scripts/ssl-known-key.nse
View File

@@ -12,11 +12,13 @@ description = [[
Checks whether the SSL certificate used by a host has a fingerprint
that matches an included database of problematic keys.
The only database currently checked the LittleBlackBox 0.1 database of
compromised keys from various devices, but any file of fingerprints
will serve just as well. For example, this could be used to find weak
Debian OpenSSL keys using the widely available (but too large to
include with Nmap) list.
The only databases currently checked are the LittleBlackBox 0.1
database of compromised keys from various devices and some keys
reportedly used by the Chinese state-sponsored hacking division APT1
(https://www.mandiant.com/blog/md5-sha1/). However, any file of
fingerprints will serve just as well. For example, this could be used
to find weak Debian OpenSSL keys using the widely available (but too
large to include with Nmap) list.
]]
---