Information Security, Nmap, SHA-1, SHA1, TLS

Using Nmap to find x509 (SSL/TLS) certificates that have SHA-1 and MD5 based signatures




A couple of months ago there was quite a bit of press about Google and Mozilla becoming more aggressive about how they handle x509 (SSL/TLS) certificates that have SHA-1 based signatures. The background for this is linked in the references section at the end of this post. In short, the SHA-1 cryptographic hash algorithm is considered too weak to be safely used as part of the public web PKI.

The impact for site operators and network security teams is that over the next two years browser users will begin to see warnings that indicate that a site is secure but with errors when it uses a SHA-1 certificate that expires after January 1, 2016.  Sites will be flagged as insecure if the SHA-1 certificate expires after January 1, 2017. This is something that requires action now as certificates are generally bought or generated with at least a one year life but in many cases organizations are using 2, 3, or 5 year certificates.

Continue reading

Information Security, Metasploit

Support for session and job ID ranges in Metasploit console

When I am working on Metasploit related projects I often end up with a ton of shells during testing.  Some of these and some just need to be killed off.  To help with this at the end of October I submitted a pull request [1] to the Metasploit GitHub repo that added the ability to kill multiple sessions at a time in one command.  The basic syntax looks like this:

sessions -k  
sessions -k 1,3,5-8

Continue reading