MetaSploit Now Scans For MD5-signed SSL Certificates

January 4, 2009 – 8:29 AM

Efrain Torres just committed an improvement to the Metasploit source tree that allows the framework to be used as a SSL certificate scanner. This provides a simple way to identify SSL certificates in use that were signed with the MD5 algorithm and need to re-issued. To use the new module, update to the latest version of the development framework (3.3-dev) and follow the steps below.

msf > use auxiliary/scanner/http/wmap_ssl

msf auxiliary(wmap_ssl) > set RHOSTS admin.censored.bad
msf auxiliary(wmap_ssl) > set RPORT 443
msf auxiliary(wmap_ssl) > set SSL true
msf auxiliary(wmap_ssl) > run


You must be logged in to post a comment.