46 lines
1.4 KiB
YAML
46 lines
1.4 KiB
YAML
id: ssh-weak-mac-algo
|
|
|
|
info:
|
|
name: SSH Weak MAC Algorithms Enabled
|
|
author: pussycat0x
|
|
severity: low
|
|
description: |
|
|
The system's SSH configuration poses a security risk by allowing weak Message Authentication Code (MAC) algorithms, potentially exposing it to vulnerabilities and unauthorized access. It is crucial to update and strengthen the MAC algorithms for enhanced security.
|
|
reference:
|
|
- https://www.tenable.com/plugins/nessus/71049
|
|
metadata:
|
|
verified: true
|
|
max-request: 2
|
|
shodan-query: product:"OpenSSH"
|
|
tags: js,enum,ssh,misconfig,network
|
|
|
|
javascript:
|
|
- pre-condition: |
|
|
isPortOpen(Host,Port);
|
|
code: |
|
|
let m = require("nuclei/ssh");
|
|
let c = m.SSHClient();
|
|
let response = c.ConnectSSHInfoMode(Host, Port);
|
|
Export(response);
|
|
args:
|
|
Host: "{{Host}}"
|
|
Port: "22"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "server_to_client_macs"
|
|
- "client_to_server_macs"
|
|
condition: and
|
|
|
|
- type: word
|
|
words:
|
|
- "hmac-md5"
|
|
- "hmac-md5-96"
|
|
- "hmac-sha1-96"
|
|
- "hmac-md5"
|
|
- "hmac-md5-96"
|
|
- "hmac-sha1-96"
|
|
condition: or
|
|
# digest: 490a0046304402207c21377a66b663801228ba58c7145a36f82f256dff404f6a7e1e4ea067d12cf3022031a5619499916f5cafd51c7cd121e33ae70d410631b1804802378813ab99f3fc:922c64590222798bb761d5b6d8e72950 |