Skip to content

[BUG] ssl protocol parts are not auto generated #5706

New issue
New issue
Closed
Bug
#5710
Closed
[BUG] ssl protocol parts are not auto generated#5706
Bug
#5710
Assignees
dogancanbakir
Labels
Type: BugInconsistencies or issues which will cause an issue or problem for users or implementors.
Milestone
nuclei v3.3.5
@ehsandeep

Description

@ehsandeep
ehsandeep
opened on Oct 8, 2024

Is there an existing issue for this?

  • I have searched the existing issues.

Current Behavior

In SYNTAX-REFERENCE.md, ssl part have 5 fields define, but engine does support more part that are avaiable as part of ssl request.

Expected Behavior

autogenerated scheme should include all the supported part from supported protocol response.

Steps To Reproduce

nuclei -id expired-ssl -v -svd

Relevant log output

$ echo example.com | nuclei -id expired-ssl -v -svd

                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.3.4

		projectdiscovery.io

[VER] Started metrics server at localhost:9092
[WRN] Excluded 117 template[s] with known weak matchers / tags excluded from default run using .nuclei-ignore
[INF] Current nuclei version: v3.3.4 (latest)
[INF] Current nuclei-templates version: v10.0.1 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 86
[INF] Templates loaded for current scan: 1
[INF] Executing 1 signed templates from projectdiscovery/nuclei-templates
[INF] Targets loaded for current scan: 1
[DBG] SSL Protocol request variables: 
	1. Host => example.com
	2. Hostname => example.com:443
	3. Port => 443

[VER] [expired-ssl] Sent SSL request to example.com:443
[DBG] Ssl Protocol response variables: 
	1. Host => example.com
	2. Hostname => example.com:443
	3. Port => 443
	4. cipher => TLS_AES_256_GCM_SHA384
	5. domains => [www.example.net www.exam .... mple.com www.example.edu]
	6. fingerprint_hash => {83dc5195f21734e988900a36 .... d6afee408672cf19eba7a362}
	7. host => example.com
	8. ip => 93.184.215.14
	9. issuer_cn => DigiCert Global G2 TLS RSA SHA256 2020 CA1
	10. issuer_dn => CN=DigiCert Global G2 TLS .... CA1, O=DigiCert Inc, C=US
	11. issuer_org => [DigiCert Inc]
	12. matched => example.com:443
	13. not_after => 2025-03-01 23:59:59 +0000 UTC
	14. not_before => 2024-01-30 00:00:00 +0000 UTC
	15. port => 443
	16. probe_status => true
	17. response => {"timestamp":"2024-10-08T .... tls","sni":"example.com"}
	18. serial => 07:5B:CE:F3:06:89:C8:AD:DF:13:E5:1A:F4:AF:E1:87
	19. sni => example.com
	20. subject_an => [www.example.org example. .... mple.edu www.example.net]
	21. subject_cn => www.example.org
	22. subject_dn => CN=www.example.org, O=Int .... eles, ST=California, C=US
	23. subject_org => [Internet Corporation f .... ned Names and Numbers]
	24. template-id => expired-ssl
	25. template-info => {Expired SSL Certificate  .... place the existing one. }
	26. template-path => /Users/geekboy/nuclei-tem .... ates/ssl/expired-ssl.yaml
	27. timestamp => 2024-10-08 17:42:03.36042 ....  +0530 IST m=+2.882871085
	28. tls_connection => ctls
	29. tls_version => tls13
	30. type => ssl

Environment

go version go1.21.3 darwin/arm64

Anything else?

No response

Metadata

Metadata

Assignees

Labels

Type: BugInconsistencies or issues which will cause an issue or problem for users or implementors.

Type

Bug

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions