Merge pull request #6128 from projectdiscovery/Dropbear-sshd-Weak-Key-Exchange-Algorithms-Detection

Dropbear sshd Weak Key Exchange Algorithms Detection
2022-12-02 17:32:54 +05:30 · 2022-12-02 17:32:54 +05:30 · b27a96a038
parent 77d1df59c8 93a34f1b24
commit b27a96a038
1 changed files with 31 additions and 0 deletions
--- a/network/misconfig/dropbear-weakalgo.yaml
+++ b/network/misconfig/dropbear-weakalgo.yaml
@ -0,0 +1,31 @@
+id: dropbear-weakalgo
+
+info:
+  name: Dropbear sshd Weak Key Exchange Algorithms Enabled
+  author: pussycat0x
+  severity: low
+  description: |
+    The SSH key exchange algorithm is fundamental to keep the protocol secure. It is what allows two previously unknown parties to generate a shared key in plain sight, and have that secret remain private to the client and server. Over time, some implementations of this algorithm have been identified as weak or vulnerable.
+  remediation: |
+    Disable the weak algorithms.
+  reference: |
+    https://www.virtuesecurity.com/kb/ssh-weak-key-exchange-algorithms-enabled
+  metadata:
+    verified: true
+    shodan-query: 'product:"Dropbear sshd"'
+  tags: network,ssh,dropbear,misconfig
+
+network:
+  - inputs:
+      - data: "\n"
+
+    host:
+      - "{{Hostname}}"
+      - "{{Host}}:22"
+
+    matchers:
+      - type: word
+        words:
+          - "diffie-hellman-group-exchange-sha1"
+          - "diffie-hellman-group1-sha1"
+        condition: or