MMM Efrain Torres a new module for identify CA with metasploit. -mark
2009/1/2 Aiko Barz <[email protected]> > On Thu, Jan 01, 2009 at 06:19:01PM -0500, Memisyazici, Aras wrote: > > SSL Blacklist now detects and warns about certificate chains that use the > MD5 algorithm for RSA signatures. > > Does anybody know a plugin that keeps track of the used certificates and > CAs? I tried "certificate patrol" [1]. But I wasn't too happy... > > I would like to get warnings, whenever a fingerprint changes. For > example: > > INFO: The certificate fingerprint has changed. > The new certificate is signed by the same CA. > Details... > > WARNING: The certificate fingerprint has changed. > The new certificate is signed by a different CA. > A possible MITM attack has been detected. > Details... > > So long, > Aiko > > [1]: https://addons.mozilla.org/en-US/firefox/addon/6415 > -- > :wq ✉ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAklea0wACgkQemsPkv+IVCGFrQCfQxlBaThYbgxNFuvtbLR40oJI > 6jYAn1UH9GLYMrRfKEZmFdEF1ATgDTVv > =7Czh > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
