From 39393be901fd93f4730bcbc0ea9cd8a502a1f338 Mon Sep 17 00:00:00 2001
From: h00die <michaeltcyr@gmail.com>
Date: Mon, 24 Oct 2022 15:22:51 -0400
Subject: [PATCH] refinements on ca issuers regex

---
 modules/auxiliary/scanner/ssl/ssl_version.rb | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/modules/auxiliary/scanner/ssl/ssl_version.rb b/modules/auxiliary/scanner/ssl/ssl_version.rb
index d66c3e3aea..0e4a6deddb 100644
--- a/modules/auxiliary/scanner/ssl/ssl_version.rb
+++ b/modules/auxiliary/scanner/ssl/ssl_version.rb
@@ -158,19 +158,20 @@ class MetasploitModule < Msf::Auxiliary
       print_status("\tNot Valid After: #{cert.not_after}")
 
       # Checks for common properties of self signed certificates
+      # regex tried against a bunch of alexa top 100 and others.
+      # https://rubular.com/r/Yj6vyy1VqGWCL8
       caissuer = nil
       cert.extensions.each do |e|
-        e = e.to_s
-        if /CA Issuers - URI:([^, \n]*)/i.match(e)
-          caissuer = /CA Issuers - URI:([^, \n]*)/i.match(e)
-          break
-        end
+        next unless /CA Issuers - URI:([^, \n]*)/i =~ e.to_s
+
+        caissuer = ::Regexp.last_match(1)
+        break
       end
 
       if caissuer.nil?
         print_good("\tCertificate contains no CA Issuers extension... possible self signed certificate")
       else
-        print_status("\t#{caissuer}")
+        print_status("\tCA Issuer: #{caissuer}")
       end
 
       if cert.issuer.to_s == cert.subject.to_s