Nmap Development mailing list archives
[PATCH] APT1 ssl certificates
From: "Mariusz \"mzet\" Ziulek" <zlabs.eu () gmail com>
Date: Thu, 26 Sep 2013 12:21:21 +0200
Hi everyone, Mandiant company updated it's APT1 report (http://www.mandiant.com/apt1) by releasing fingerprints of ssl certificates used by APT1 malware (details can be found here: https://www.mandiant.com/blog/md5-sha1/). Update was released quite time ago (in March) but I still think it's worth to have it in Nmap. I think that the good place for it is ssl-known-key script and it's database of 'problematic' ssl keys. Currently there are only certs from Little Black Box 0.1 project so I added APT1 certs there. What do you guys think about it? Regards, Mariusz -- website: http://zlabs.eu blog: http://softwareflaws.blogspot.com
Attachment:
apt1-certs.diff
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [PATCH] APT1 ssl certificates Mariusz "mzet" Ziulek (Sep 26)
- Re: [PATCH] APT1 ssl certificates Fyodor (Sep 27)
- Re: [PATCH] APT1 ssl certificates Mariusz "mzet" Ziulek (Sep 30)
- Re: [PATCH] APT1 ssl certificates Fyodor (Sep 27)