40 lines
1.0 KiB
YAML
40 lines
1.0 KiB
YAML
|
id: ssh-weak-algo-supported
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: SSH Weak Algorithms Supported
|
||
|
|
author: pussycat0x
|
||
|
|
severity: medium
|
||
|
|
description: |
|
||
|
|
SSH weak algorithms are outdated cryptographic methods that pose security risks. Identifying and disabling these vulnerable algorithms is crucial for enhancing the overall security of SSH connections.
|
||
|
|
reference:
|
||
|
|
- https://www.tenable.com/plugins/nessus/90317
|
||
|
|
metadata:
|
||
|
|
verified: true
|
||
|
|
shodan-query: product:"OpenSSH"
|
||
|
|
tags: javascript,ssh,misconfig,network
|
||
|
|
|
||
|
|
javascript:
|
||
|
|
- code: |
|
||
|
|
let m = require("nuclei/ssh");
|
||
|
|
let c = m.SSHClient();
|
||
|
|
let response = c.ConnectSSHInfoMode(Host, Port);
|
||
|
|
to_json(response);
|
||
|
|
|
||
|
|
args:
|
||
|
|
Host: "{{Host}}"
|
||
|
|
Port: "22"
|
||
|
|
|
||
|
|
matchers-condition: and
|
||
|
|
matchers:
|
||
|
|
- type: word
|
||
|
|
words:
|
||
|
|
- "client_to_server_ciphers"
|
||
|
|
- "server_to_client_ciphers"
|
||
|
|
condition: and
|
||
|
|
|
||
|
|
- type: word
|
||
|
|
words:
|
||
|
|
- "arcfour"
|
||
|
|
- "arcfour128"
|
||
|
|
- "arcfour256"
|
||
|
|
condition: or
|