MetaSploit Now Scans For MD5-signed SSL CertificatesJanuary 4, 2009 – 8:29 AM
Efrain Torres just committed an improvement to the Metasploit source tree that allows the framework to be used as a SSL certificate scanner. This provides a simple way to identify SSL certificates in use that were signed with the MD5 algorithm and need to re-issued. To use the new module, update to the latest version of the development framework (3.3-dev) and follow the steps below.
msf > use auxiliary/scanner/http/wmap_ssl
msf auxiliary(wmap_ssl) > set RHOSTS admin.censored.bad
msf auxiliary(wmap_ssl) > set RPORT 443
msf auxiliary(wmap_ssl) > set SSL true
msf auxiliary(wmap_ssl) > run