This is a very nice tool. Thanks I am going to test it out now. On Tue, Jan 6, 2009 at 8:47 PM, Mark Sec <[email protected]> wrote:
> MMM Efrain Torres a new module for identify CA with metasploit. > > -mark > > > 2009/1/2 Aiko Barz <[email protected]> > >> On Thu, Jan 01, 2009 at 06:19:01PM -0500, Memisyazici, Aras wrote: >> > SSL Blacklist now detects and warns about certificate chains that use >> the MD5 algorithm for RSA signatures. >> >> Does anybody know a plugin that keeps track of the used certificates and >> CAs? I tried "certificate patrol" [1]. But I wasn't too happy... >> >> I would like to get warnings, whenever a fingerprint changes. For >> example: >> >> INFO: The certificate fingerprint has changed. >> The new certificate is signed by the same CA. >> Details... >> >> WARNING: The certificate fingerprint has changed. >> The new certificate is signed by a different CA. >> A possible MITM attack has been detected. >> Details... >> >> So long, >> Aiko >> >> [1]: https://addons.mozilla.org/en-US/firefox/addon/6415 >> -- >> :wq ✉ >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.9 (GNU/Linux) >> >> iEYEARECAAYFAklea0wACgkQemsPkv+IVCGFrQCfQxlBaThYbgxNFuvtbLR40oJI >> 6jYAn1UH9GLYMrRfKEZmFdEF1ATgDTVv >> =7Czh >> -----END PGP SIGNATURE----- >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- http://www.astorandblack.com
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
