Puppet Server Naive Signing Scanner
You can scan Puppet server to see whether naive signing is enabled by using this tool.
Short Info
Level
Low
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
15 sec
Scan only one
Domain, Ipv4
Parent Category
Puppet Server Naive Signing Scanner Detail
Detects if naive signing is enabled on a Puppet server. This enables attackers to create any Certificate Signing Request and have it signed, allowing them to impersonate as a puppet agent. This can leak the configuration of the agents as well as any other sensitive information found in the configuration files.
This script makes use of the Puppet HTTP API interface to sign the request.
This script has been Tested on versions 3.8.5, 4.10.
References:
Try it yourself,
control security posture
control security posture