1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
[0;36m# general[0m
[0;31m(gen) banner: SSH-1.99-OpenSSH_4.0[0m
[0;31m(gen) protocol SSH1 enabled[0m
[0;32m(gen) software: OpenSSH 4.0[0m
[0;32m(gen) compatibility: OpenSSH 3.9-6.6, Dropbear SSH 0.53+ (some functionality from 0.52)[0m
[0;32m(gen) compression: enabled (zlib)[0m
[0;36m# security[0m
[0;33m(cve) CVE-2020-15778 -- (CVSSv2: 7.8) command injection via anomalous argument transfers[0m
[0;33m(cve) CVE-2018-15473 -- (CVSSv2: 5.3) enumerate usernames due to timing discrepancies[0m
[0;33m(cve) CVE-2017-15906 -- (CVSSv2: 5.3) readonly bypass via sftp[0m
[0;33m(cve) CVE-2016-20012 -- (CVSSv2: 5.3) enumerate usernames via challenge response[0m
[0;33m(cve) CVE-2016-3115 -- (CVSSv2: 5.5) bypass command restrictions via crafted X11 forwarding data[0m
[0;33m(cve) CVE-2014-1692 -- (CVSSv2: 7.5) cause DoS via triggering error condition (memory corruption)[0m
[0;33m(cve) CVE-2012-0814 -- (CVSSv2: 3.5) leak data via debug messages[0m
[0;33m(cve) CVE-2011-5000 -- (CVSSv2: 3.5) cause DoS via large value in certain length field (memory consumption)[0m
[0;33m(cve) CVE-2010-5107 -- (CVSSv2: 5.0) cause DoS via large number of connections (slot exhaustion)[0m
[0;33m(cve) CVE-2010-4755 -- (CVSSv2: 4.0) cause DoS via crafted glob expression (CPU and memory consumption)[0m
[0;33m(cve) CVE-2010-4478 -- (CVSSv2: 7.5) bypass authentication check via crafted values[0m
[0;33m(cve) CVE-2008-5161 -- (CVSSv2: 2.6) recover plaintext data from ciphertext[0m
[0;33m(cve) CVE-2008-4109 -- (CVSSv2: 5.0) cause DoS via multiple login attempts (slot exhaustion)[0m
[0;33m(cve) CVE-2008-1657 -- (CVSSv2: 6.5) bypass command restrictions via modifying session file[0m
[0;33m(cve) CVE-2008-1483 -- (CVSSv2: 6.9) hijack forwarded X11 connections[0m
[0;33m(cve) CVE-2007-4752 -- (CVSSv2: 7.5) privilege escalation via causing an X client to be trusted[0m
[0;33m(cve) CVE-2007-2243 -- (CVSSv2: 5.0) discover valid usernames through different responses[0m
[0;33m(cve) CVE-2006-5052 -- (CVSSv2: 5.0) discover valid usernames through different responses[0m
[0;31m(cve) CVE-2006-5051 -- (CVSSv2: 9.3) cause DoS or execute arbitrary code (double free)[0m
[0;33m(cve) CVE-2006-4924 -- (CVSSv2: 7.8) cause DoS via crafted packet (CPU consumption)[0m
[0;33m(cve) CVE-2006-0225 -- (CVSSv2: 4.6) execute arbitrary code[0m
[0;33m(cve) CVE-2005-2798 -- (CVSSv2: 5.0) leak data about authentication credentials[0m
[0;31m(sec) SSH v1 enabled -- SSH v1 can be exploited to recover plaintext passwords[0m
[0;36m# key exchange algorithms[0m
[0;31m(kex) diffie-hellman-group-exchange-sha1 (1024-bit) -- [fail] using small 1024-bit modulus[0m
`- [info] available since OpenSSH 2.3.0
[0;31m(kex) diffie-hellman-group14-sha1 -- [fail] using broken SHA-1 hash algorithm[0m
[0;33m `- [warn] 2048-bit modulus only provides 112-bits of symmetric strength[0m
`- [info] available since OpenSSH 3.9, Dropbear SSH 0.53
[0;31m(kex) diffie-hellman-group1-sha1 -- [fail] using small 1024-bit modulus[0m
[0;31m `- [fail] vulnerable to the Logjam attack: https://en.wikipedia.org/wiki/Logjam_(computer_security)[0m
[0;31m `- [fail] using broken SHA-1 hash algorithm[0m
`- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
`- [info] removed in OpenSSH 6.9: https://www.openssh.com/txt/release-6.9
[0;36m# host-key algorithms[0m
[0;31m(key) ssh-rsa (1024-bit) -- [fail] using broken SHA-1 hash algorithm[0m
[0;31m `- [fail] using small 1024-bit modulus[0m
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
`- [info] deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8
[0;31m(key) ssh-dss -- [fail] using small 1024-bit modulus[0m
[0;33m `- [warn] using weak random number generator could reveal the key[0m
`- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
`- [info] disabled in OpenSSH 7.0: https://www.openssh.com/txt/release-7.0
[0;36m# encryption algorithms (ciphers)[0m
[0;33m(enc) aes128-cbc -- [warn] using weak cipher mode[0m
`- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28
[0;31m(enc) 3des-cbc -- [fail] using broken & deprecated 3DES cipher[0m
[0;33m `- [warn] using weak cipher mode[0m
[0;33m `- [warn] using small 64-bit block size[0m
`- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
[0;31m(enc) blowfish-cbc -- [fail] using weak & deprecated Blowfish cipher[0m
[0;33m `- [warn] using weak cipher mode[0m
[0;33m `- [warn] using small 64-bit block size[0m
`- [info] available since OpenSSH 1.2.2, Dropbear SSH 0.28
[0;31m(enc) cast128-cbc -- [fail] using weak & deprecated CAST cipher[0m
[0;33m `- [warn] using weak cipher mode[0m
[0;33m `- [warn] using small 64-bit block size[0m
`- [info] available since OpenSSH 2.1.0
[0;31m(enc) arcfour -- [fail] using broken RC4 cipher[0m
`- [info] available since OpenSSH 2.1.0
[0;33m(enc) aes192-cbc -- [warn] using weak cipher mode[0m
`- [info] available since OpenSSH 2.3.0
[0;33m(enc) aes256-cbc -- [warn] using weak cipher mode[0m
`- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.47
[0;31m(enc) rijndael-cbc@lysator.liu.se -- [fail] using deprecated & non-standardized Rijndael cipher[0m
[0;33m `- [warn] using weak cipher mode[0m
`- [info] available since OpenSSH 2.3.0
`- [info] disabled in OpenSSH 7.0: https://www.openssh.com/txt/release-7.0
[0;32m(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
[0;32m(enc) aes192-ctr -- [info] available since OpenSSH 3.7[0m
[0;32m(enc) aes256-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
[0;36m# message authentication code algorithms[0m
[0;31m(mac) hmac-md5 -- [fail] using broken MD5 hash algorithm[0m
[0;33m `- [warn] using encrypt-and-MAC mode[0m
`- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
[0;31m(mac) hmac-sha1 -- [fail] using broken SHA-1 hash algorithm[0m
[0;33m `- [warn] using encrypt-and-MAC mode[0m
`- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28
[0;31m(mac) hmac-ripemd160 -- [fail] using deprecated RIPEMD hash algorithm[0m
[0;33m `- [warn] using encrypt-and-MAC mode[0m
`- [info] available since OpenSSH 2.5.0
[0;31m(mac) hmac-ripemd160@openssh.com -- [fail] using deprecated RIPEMD hash algorithm[0m
[0;33m `- [warn] using encrypt-and-MAC mode[0m
`- [info] available since OpenSSH 2.1.0
[0;31m(mac) hmac-sha1-96 -- [fail] using broken SHA-1 hash algorithm[0m
[0;33m `- [warn] using encrypt-and-MAC mode[0m
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.47
[0;31m(mac) hmac-md5-96 -- [fail] using broken MD5 hash algorithm[0m
[0;33m `- [warn] using encrypt-and-MAC mode[0m
`- [info] available since OpenSSH 2.5.0
[0;36m# fingerprints[0m
[0;32m(fin) ssh-rsa: SHA256:YZ457EBcJTSxRKI3yXRgtAj3PBf5B9/F36b1SVooml4[0m
[0;36m# algorithm recommendations (for OpenSSH 4.0)[0m
[0;31m(rec) -3des-cbc -- enc algorithm to remove [0m
[0;31m(rec) -arcfour -- enc algorithm to remove [0m
[0;31m(rec) -blowfish-cbc -- enc algorithm to remove [0m
[0;31m(rec) -cast128-cbc -- enc algorithm to remove [0m
[0;31m(rec) -diffie-hellman-group-exchange-sha1 -- kex algorithm to remove [0m
[0;31m(rec) -diffie-hellman-group1-sha1 -- kex algorithm to remove [0m
[0;31m(rec) -diffie-hellman-group14-sha1 -- kex algorithm to remove [0m
[0;31m(rec) -hmac-md5 -- mac algorithm to remove [0m
[0;31m(rec) -hmac-md5-96 -- mac algorithm to remove [0m
[0;31m(rec) -hmac-ripemd160 -- mac algorithm to remove [0m
[0;31m(rec) -hmac-ripemd160@openssh.com -- mac algorithm to remove [0m
[0;31m(rec) -hmac-sha1 -- mac algorithm to remove [0m
[0;31m(rec) -hmac-sha1-96 -- mac algorithm to remove [0m
[0;31m(rec) -rijndael-cbc@lysator.liu.se -- enc algorithm to remove [0m
[0;31m(rec) -ssh-dss -- key algorithm to remove [0m
[0;31m(rec) -ssh-rsa -- key algorithm to remove [0m
[0;33m(rec) -aes128-cbc -- enc algorithm to remove [0m
[0;33m(rec) -aes192-cbc -- enc algorithm to remove [0m
[0;33m(rec) -aes256-cbc -- enc algorithm to remove [0m
[0;36m# additional info[0m
[0;33m(nfo) For hardening guides on common OSes, please see: <https://www.ssh-audit.com/hardening_guides.html>[0m
|