Merge pull request #8605 from projectdiscovery/pussycat0x-patch-6

SSH Weak MAC Algorithms Enabled

javascript/enumeration/ssh-weak-mac-algo.yaml

@@ -0,0 +1,43 @@
+id: ssh-weak-mac-algo
+
+info:
+  name: SSH Weak MAC Algorithms Enabled
+  author: pussycat0x
+  severity: low
+  description: |
+    The system's SSH configuration poses a security risk by allowing weak Message Authentication Code (MAC) algorithms, potentially exposing it to vulnerabilities and unauthorized access. It is crucial to update and strengthen the MAC algorithms for enhanced security.
+  reference:
+    - https://www.tenable.com/plugins/nessus/71049
+  metadata:
+    verified: true
+    shodan-query: product:"OpenSSH"
+  tags: javascript,ssh,misconfig,network
+
+javascript:
+  - code: |
+      let m = require("nuclei/ssh");
+      let c = m.SSHClient();
+      let response = c.ConnectSSHInfoMode(Host, Port);
+      to_json(response);
+
+    args:
+      Host: "{{Host}}"
+      Port: "22"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "server_to_client_macs"
+          - "client_to_server_macs"
+        condition: and
+
+      - type: word
+        words:
+          - "hmac-md5"
+          - "hmac-md5-96"
+          - "hmac-sha1-96"
+          - "hmac-md5"
+          - "hmac-md5-96"
+          - "hmac-sha1-96"
+        condition: or