nuclei-templates/network/detection/dropbear-cbc-ciphers.yaml

id: dropbear-cbc-ciphers

info:
  name: Dropbear sshd CBC Mode Ciphers Detection
  author: pussycat0x
  severity: low
  description: |
    The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext.
  remediation: |
    Disable CBC Ciphers.
  reference: |
    https://www.tenable.com/plugins/nessus/70658
  metadata:
    max-request: 2
    verified: true
    shodan-query: 'product:"Dropbear sshd"'
  tags: network,ssh,dropbear

tcp:
  - inputs:
      - data: "\n"

    host:
      - "{{Hostname}}"
      - "{{Host}}:22"

    matchers:
      - type: word
        words:
          - "cbc"
          - "SSH-"
        condition: and
Add files via upload 2022-11-22 18:28:08 +00:00			`id: dropbear-cbc-ciphers`

			`info:`
			`name: Dropbear sshd CBC Mode Ciphers Detection`
			`author: pussycat0x`
			`severity: low`
			`description: \|`
			`The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext.`
Update dropbear-cbc-ciphers.yaml 2022-11-23 18:15:18 +00:00			`remediation: \|`
			`Disable CBC Ciphers.`
Update dropbear-cbc-ciphers.yaml 2022-11-23 07:02:38 +00:00			`reference: \|`
			`https://www.tenable.com/plugins/nessus/70658`
Add files via upload 2022-11-22 18:28:08 +00:00			`metadata:`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`max-request: 2`
Add files via upload 2022-11-22 18:28:08 +00:00			`verified: true`
			`shodan-query: 'product:"Dropbear sshd"'`
			`tags: network,ssh,dropbear`

Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`tcp:`
Add files via upload 2022-11-22 18:28:08 +00:00			`- inputs:`
			`- data: "\n"`
Update dropbear-cbc-ciphers.yaml 2022-11-24 18:35:59 +00:00
Add files via upload 2022-11-22 18:28:08 +00:00			`host:`
			`- "{{Hostname}}"`
			`- "{{Host}}:22"`
Update dropbear-cbc-ciphers.yaml 2022-11-24 18:35:59 +00:00
Add files via upload 2022-11-22 18:28:08 +00:00			`matchers:`
			`- type: word`
			`words:`
			`- "cbc"`
Update dropbear-cbc-ciphers.yaml 2022-12-02 11:49:56 +00:00			`- "SSH-"`
Update dropbear-cbc-ciphers.yaml 2022-12-02 11:50:59 +00:00			`condition: and`