untrusted-root-certificate: Untrusted Root Certificate - Detect

Date: 2025-08-01 | Affected software: untrusted-root-certificate | POC: Public

Vulnerability description

A root certificate is a digital certificate issued by a trusted certificate authority that acts as a basis for other digital certificates. An untrusted root certificate is a certificate that is issued by an authority that is not trusted by the computer, and therefore cannot be used to authenticate websites or other digital certificates.

PoC code [public]

id: untrusted-root-certificate

info:
  name: Untrusted Root Certificate - Detect
  author: pussycat0x
  severity: low
  description: |
    A root certificate is a digital certificate issued by a trusted certificate authority that acts as a basis for other digital certificates. An untrusted root certificate is a certificate that is issued by an authority that is not trusted by the computer, and therefore cannot be used to authenticate websites or other digital certificates.
  reference:
    - https://www.sslmarket.com/ssl/trusted-and-untrusted-certificate
    - https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/ssl-untrusted-root-certificate/
  metadata:
    verified: true
    max-request: 1
  tags: ssl,tls,untrusted,vuln
ssl:
  - address: "{{Host}}:{{Port}}"
    matchers:
      - type: dsl
        dsl:
          - "untrusted == true"
# digest: 490a0046304402201421bea4f80bb55cb5ab634dc7709d225226a1e5f296a25b16fc3b63940bc10b022027cc35c34b34453267019284199b94da7460e3dfa508454c6ba7d44cf17f2869:922c64590222798bb761d5b6d8e72950
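
The same condition can be checked from a defender's workstation without the scanner. The following is an added example, not part of the template or of the scanner's own code: it performs a TLS handshake and reports whether chain validation failed because the chain does not end in a trusted root, as opposed to failing for some other reason such as expiry. The function names `classify` and `check` are hypothetical; the numeric codes are OpenSSL's X509 verification error codes as exposed by Python's `ssl` module.

```python
import socket
import ssl
import sys

# OpenSSL X509_V_ERR_* codes meaning the chain does not end in a trusted root.
UNTRUSTED_CODES = {
    18: "self-signed leaf certificate",
    19: "self-signed certificate in chain (root not in trust store)",
    20: "unable to get local issuer certificate",
    21: "unable to verify the first certificate",
}


def classify(verify_code):
    """Map an OpenSSL verify code to (untrusted, reason)."""
    if verify_code in UNTRUSTED_CODES:
        return True, UNTRUSTED_CODES[verify_code]
    if verify_code == 0:
        return False, "chain verified"
    # Expired, revoked, wrong purpose, etc.: a failure, but not a trust-anchor one.
    return False, f"other verification failure (code {verify_code})"


def check(host, port=443, cafile=None, timeout=5.0):
    """Handshake with host:port and validate the chain.

    cafile=None uses the system trust store; a path trusts only that bundle.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = False  # only chain trust is tested, not name matching
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return classify(0)
    except ssl.SSLCertVerificationError as exc:
        return classify(exc.verify_code)


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python check_root.py HOST [PORT]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    untrusted, reason = check(sys.argv[1], target_port)
    print(f"{sys.argv[1]}:{target_port} untrusted={untrusted} ({reason})")
```

Passing a `cafile` with an internal CA bundle distinguishes hosts that use a private root on purpose from hosts with a broken or self-signed chain.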
