From 3b7376337b1cd71cd35c85bad4cda6aae1f39b61 Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Sun, 12 Nov 2023 16:25:01 +0530
Subject: [PATCH] SSH Weak MAC Algorithms Enabled

---
 javascript/enumeration/ssh-weak-mac-algo.yaml | 43 +++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 javascript/enumeration/ssh-weak-mac-algo.yaml

diff --git a/javascript/enumeration/ssh-weak-mac-algo.yaml b/javascript/enumeration/ssh-weak-mac-algo.yaml
new file mode 100644
index 0000000000..120ad04a6b
--- /dev/null
+++ b/javascript/enumeration/ssh-weak-mac-algo.yaml
@@ -0,0 +1,43 @@
+id: ssh-weak-mac-algo
+
+info:
+  name: SSH Weak MAC Algorithms Enabled
+  author: pussycat0x
+  severity: low
+  description: |
+    The system's SSH configuration poses a security risk by allowing weak Message Authentication Code (MAC) algorithms, potentially exposing it to vulnerabilities and unauthorized access. It is crucial to update and strengthen the MAC algorithms for enhanced security.
+  reference:
+    - https://www.tenable.com/plugins/nessus/71049
+  metadata:
+    verified: true
+    shodan-query: product:"OpenSSH"
+  tags: javascript,ssh,misconfig,network
+
+javascript:
+  - code: |
+      let m = require("nuclei/ssh");
+      let c = m.SSHClient();
+      let response = c.ConnectSSHInfoMode(Host, Port);
+      to_json(response);
+
+    args:
+      Host: "{{Host}}"
+      Port: "22"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "server_to_client_macs"
+          - "client_to_server_macs"
+        condition: and  
+
+      - type: word
+        words:
+          - "hmac-md5"
+          - "hmac-md5-96"
+          - "hmac-sha1-96"
+          - "hmac-md5"
+          - "hmac-md5-96"
+          - "hmac-sha1-96"
+        condition: or
\ No newline at end of file