Minor improvements - added plugin version to regex and fixed overlooked previously copy-pasted text from another module
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
1. changed the date format from "%Y/%m/%d" to "%Y-%m-%d" to make it ANSI and ISO 8601 compliant.
2. Changed the issuer and subject to issuer_str and subject_str which are formatted string from the x509 objects.
3. Added subject to ssl_expired_certificate_vuln and ssl_expiring_certificate_scan modules
1. Change the date format from d/m/Y to Y-m-d (e.g. 2004-08-28)
2. In the return/output of ssl_certificate_scan in SSL library please add certificate "subject" and "issuer" so these could be logged
3. Rename ssl_version module to ssl_weak_version
4. Change ssl_expired_certificate module to return expired certs only ( do not count expiring_soon certs - it is not a vulnerability!)
5. Create a separate ssl_expiring_certificate module in modules/scan (remember 'expiring soon' is not a vulnerability, so we need to make this a 'scan' module)
6. Rename ssl_signed_certificate module to ssl_certificate_weak_signature and remove the self-signed check from it
7. Create a separate ssl_self_signed_certificate module in modules/vuln
Next in nettacker/core/lib/ssl.py
in class SslLibrary(BaseLibrary): you have ssl_certificate_scan and ssl_version_and_cipher_scan methods.
There is a common code in these two methods so these could be refactored to remove the repetition. Please refactor/improve this.
In ssl_version_and_cipher_scan also please add add to the output /return certificate "subject" ,"issuer" and an expiry date.
This way if a user scans they network using IP addresses and some servers will come up with weak SSL versions/ciphers it will be easier for user to identify the servers using the certificate subject/issuer
Sam Stepanyan
Captain-T2004
Arkadii Yakovets