From 75f921fd3df1f9e6fc9f8a71b5f0f7e4a7d8bdf2 Mon Sep 17 00:00:00 2001 From: Samreet Singh Date: Fri, 6 Dec 2024 12:15:12 +0100 Subject: [PATCH 1/2] Upgrading ssh-audit from v3.2.0 to v3.3.0 Removed CVE information since it is no longer supported by the scanner Signed-off-by: Samreet Singh --- scanners/ssh-audit/Chart.yaml | 2 +- scanners/ssh-audit/README.md | 2 +- scanners/ssh-audit/parser/parser.js | 29 ++--------------------------- 3 files changed, 4 insertions(+), 29 deletions(-) diff --git a/scanners/ssh-audit/Chart.yaml b/scanners/ssh-audit/Chart.yaml index 11a1e35c91..06cfd0b41e 100644 --- a/scanners/ssh-audit/Chart.yaml +++ b/scanners/ssh-audit/Chart.yaml @@ -7,7 +7,7 @@ name: ssh-audit description: A Helm chart for Kubernetes type: application version: v3.1.0-alpha1 -appVersion: "v3.2.0" +appVersion: "v3.3.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/jtesta/ssh-audit/releases/latest diff --git a/scanners/ssh-audit/README.md b/scanners/ssh-audit/README.md index 5ab24b81b8..974b3ccfb2 100644 --- a/scanners/ssh-audit/README.md +++ b/scanners/ssh-audit/README.md @@ -3,7 +3,7 @@ title: "SSH-audit" category: "scanner" type: "SSH" state: "released" -appVersion: "v3.2.0" +appVersion: "v3.3.0" usecase: "SSH Configuration and Policy Scanner" --- diff --git a/scanners/ssh-audit/parser/parser.js b/scanners/ssh-audit/parser/parser.js index 4929285ba3..c9b1119f98 100644 --- a/scanners/ssh-audit/parser/parser.js +++ b/scanners/ssh-audit/parser/parser.js @@ -215,30 +215,6 @@ function transformRecommendationToFinding( return policyViolationFindings; } -/** - * Transforms cves's from the ssh-audit scanner into SSH Violation Findings - * @param {{}} cves - */ -function transformCVEtoFinding(cves, destination) { - const cvesArray = Object.values(cves); - return Object.values(cvesArray).flatMap(({cvssv2, description, name}) => { - let severity = "HIGH"; - if (cvssv2 < 4) severity = "LOW"; - else if (cvssv2 < 7) severity = "MEDIUM"; - return { - name, - description, - category: "SSH Violation", - location: destination, - severity, - attributes: {cvssv2}, - references: [ - {type: "CVE", value: `${name}`}, - {type: "URL", value: `https://nvd.nist.gov/vuln/detail/${name}`}, - ], - }; - }); -} function isIPaddress(target) { if (/^(?!0)(?!.*\.$)((1?\d?\d|25[0-5]|2[0-4]\d)(\.|$)){4}$/.test(target)) @@ -271,7 +247,6 @@ async function parse(fileContent) { location ) ); - const cvesFindings = transformCVEtoFinding(host.cves, location); // informational findings @@ -287,7 +262,7 @@ async function parse(fileContent) { hostname: hostname || null, ip_address: ipAddress || null, server_banner: host.banner?.raw || null, - ssh_version: host.banner?.protocol[0] || null, + ssh_version: host.banner?.protocol || null, ssh_lib_cpe: host.banner?.software, key_algorithms: host.key, encryption_algorithms: host.enc, @@ -297,7 +272,7 @@ async function parse(fileContent) { fingerprints: host.fingerprints, }, }; - return [serviceFinding, ...policyViolationFindings, ...cvesFindings]; + return [serviceFinding, ...policyViolationFindings]; } module.exports.parse = parse; From 1abb0a34e15972583b9e60fdb609959f19a17fc7 Mon Sep 17 00:00:00 2001 From: Samreet Singh Date: Fri, 6 Dec 2024 12:40:52 +0100 Subject: [PATCH 2/2] Updated examples and test files according to new scanner format Signed-off-by: Samreet Singh --- .../examples/dummy-ssh/findings.yaml | 436 +++-- .../examples/dummy-ssh/ssh-audit-results.json | 508 +++--- .../examples/port-example/findings.yaml | 282 ++- .../port-example/ssh-audit-result.json | 396 +++-- .../integration-tests/ssh-audit.test.js | 15 +- .../parser/__testFiles__/dummy-ssh.json | 508 +++--- .../parser/__testFiles__/example.json | 221 --- .../parser/__testFiles__/example.json.license | 3 - .../parser/__testFiles__/portExample.json | 396 +++-- scanners/ssh-audit/parser/parser.test.js | 1572 ++++++++--------- 10 files changed, 2249 insertions(+), 2088 deletions(-) delete mode 100644 scanners/ssh-audit/parser/__testFiles__/example.json delete mode 100644 scanners/ssh-audit/parser/__testFiles__/example.json.license diff --git a/scanners/ssh-audit/examples/dummy-ssh/findings.yaml b/scanners/ssh-audit/examples/dummy-ssh/findings.yaml index 381004518b..2d3434bdab 100644 --- a/scanners/ssh-audit/examples/dummy-ssh/findings.yaml +++ b/scanners/ssh-audit/examples/dummy-ssh/findings.yaml @@ -16,53 +16,270 @@ "hostname": "dummy-ssh.demo-targets.svc", "ip_address": null, "server_banner": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", - "ssh_version": 2, + "ssh_version": "2.0", "ssh_lib_cpe": "OpenSSH_7.2p2", "key_algorithms": [ - {"algorithm": "ssh-rsa", "keysize": 2048}, - {"algorithm": "rsa-sha2-512", "keysize": 2048}, - {"algorithm": "rsa-sha2-256", "keysize": 2048}, - {"algorithm": "ecdsa-sha2-nistp256"}, - {"algorithm": "ssh-ed25519"}, + { + "algorithm": "ssh-rsa", + "keysize": 2048, + "notes": + { + "fail": ["using broken SHA-1 hash algorithm"], + "info": + [ + "deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8", + "available since OpenSSH 2.5.0, Dropbear SSH 0.28", + ], + "warn": + [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, + }, + { + "algorithm": "rsa-sha2-512", + "keysize": 2048, + "notes": + { + "info": ["available since OpenSSH 7.2"], + "warn": + [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 2048, + "notes": + { + "info": ["available since OpenSSH 7.2, Dropbear SSH 2020.79"], + "warn": + [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + "warn": + ["using weak random number generator could reveal the key"], + }, + }, + { + "algorithm": "ssh-ed25519", + "notes": + {"info": ["available since OpenSSH 6.5, Dropbear SSH 2020.79"]}, + }, ], "encryption_algorithms": [ - "chacha20-poly1305@openssh.com", - "aes128-ctr", - "aes192-ctr", - "aes256-ctr", - "aes128-gcm@openssh.com", - "aes256-gcm@openssh.com", + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": + { + "info": + [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79", + ], + "warn": + [ + "vulnerable to the Terrapin attack (CVE-2023-48795), allowing message prefix truncation", + ], + }, + }, + { + "algorithm": "aes128-ctr", + "notes": + {"info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"]}, + }, + { + "algorithm": "aes192-ctr", + "notes": {"info": ["available since OpenSSH 3.7"]}, + }, + { + "algorithm": "aes256-ctr", + "notes": + {"info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"]}, + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, ], "mac_algorithms": [ - "umac-64-etm@openssh.com", - "umac-128-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1", + { + "algorithm": "umac-64-etm@openssh.com", + "notes": + { + "info": ["available since OpenSSH 6.2"], + "warn": ["using small 64-bit tag size"], + }, + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "hmac-sha1-etm@openssh.com", + "notes": + { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 6.2"], + }, + }, + { + "algorithm": "umac-64@openssh.com", + "notes": + { + "info": ["available since OpenSSH 4.7"], + "warn": + [ + "using encrypt-and-MAC mode", + "using small 64-bit tag size", + ], + }, + }, + { + "algorithm": "umac-128@openssh.com", + "notes": + { + "info": ["available since OpenSSH 6.2"], + "warn": ["using encrypt-and-MAC mode"], + }, + }, + { + "algorithm": "hmac-sha2-256", + "notes": + { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"], + }, + }, + { + "algorithm": "hmac-sha2-512", + "notes": + { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"], + }, + }, + { + "algorithm": "hmac-sha1", + "notes": + { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 2.1.0, Dropbear SSH 0.28"], + "warn": ["using encrypt-and-MAC mode"], + }, + }, ], "compression_algorithms": ["none", "zlib@openssh.com"], "key_exchange_algorithms": [ - {"algorithm": "curve25519-sha256@libssh.org"}, - {"algorithm": "ecdh-sha2-nistp256"}, - {"algorithm": "ecdh-sha2-nistp384"}, - {"algorithm": "ecdh-sha2-nistp521"}, + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": + { + "info": + [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + }, + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + }, + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + }, + }, { "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048, + "keysize": 3072, + "notes": + { + "info": + [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4", + ], + }, + }, + { + "algorithm": "diffie-hellman-group14-sha1", + "notes": + { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 3.9, Dropbear SSH 0.53"], + "warn": + [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, }, - {"algorithm": "diffie-hellman-group14-sha1"}, ], "fingerprints": [ + { + "hash": "pa+Jwax5syiezfL29o6j6uaWBoJeK/LZJ8OXUwPrE5A", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256", + }, + { + "hash": "f5:fb:82:83:cd:0e:1f:af:2a:45:17:0b:b7:3c:9f:ee", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256", + }, { "hash": "eLwgzyjvrpwDbDr+pDbIfUhlNANB4DPH9/0w1vGa87E", "hash_alg": "SHA256", @@ -85,8 +302,8 @@ }, ], }, - "id": "32b5daad-2421-4731-b06f-ecdb9c238dfe", - "parsed_at": "2023-05-11T08:51:15.833Z", + "id": "d0005b42-7481-4dae-91b2-5d3293d78b3f", + "parsed_at": "2024-12-06T08:42:46.521Z", }, { "name": "Insecure SSH KEX Algorithms", @@ -105,8 +322,8 @@ "ecdh-sha2-nistp521", ], }, - "id": "0692f9e0-443d-4b08-ac18-2b6751ebf90f", - "parsed_at": "2023-05-11T08:51:15.833Z", + "id": "1d136f73-222a-49a5-9d24-73eff949e7fc", + "parsed_at": "2024-12-06T08:42:46.522Z", }, { "name": "Insecure SSH Key Algorithms", @@ -116,8 +333,8 @@ "category": "SSH Policy Violation", "location": "ssh://dummy-ssh.demo-targets.svc", "attributes": {"algorithms": ["ecdsa-sha2-nistp256", "ssh-rsa"]}, - "id": "6fec8829-3c6a-4366-8006-b8f7c180e4bd", - "parsed_at": "2023-05-11T08:51:15.833Z", + "id": "20b8e8c7-01f5-46ac-ae78-ca7b04d61100", + "parsed_at": "2024-12-06T08:42:46.522Z", }, { "name": "Insecure SSH MAC Algorithms", @@ -127,8 +344,8 @@ "category": "SSH Policy Violation", "location": "ssh://dummy-ssh.demo-targets.svc", "attributes": {"algorithms": ["hmac-sha1", "hmac-sha1-etm@openssh.com"]}, - "id": "42947f7f-64ec-4f25-bb96-98515ba8296a", - "parsed_at": "2023-05-11T08:51:15.833Z", + "id": "1af1e73f-6244-4192-9c9b-8fe62796306e", + "parsed_at": "2024-12-06T08:42:46.522Z", }, { "name": "SSH Key Algorithms must be changed", @@ -145,8 +362,19 @@ "rsa-sha2-512 (Note: increase modulus size to 3072 bits or larger)", ], }, - "id": "17d34bda-8944-4311-9986-d149967b2727", - "parsed_at": "2023-05-11T08:51:15.833Z", + "id": "87516897-4ac4-4e9e-b74b-58835faf47c2", + "parsed_at": "2024-12-06T08:42:46.522Z", + }, + { + "name": "Insecure SSH Encryption Algorithms", + "description": "Discouraged SSH Encryption algorithms are in use", + "mitigation": "Remove these encryption algorithms", + "severity": "MEDIUM", + "category": "SSH Policy Violation", + "location": "ssh://dummy-ssh.demo-targets.svc", + "attributes": {"algorithms": ["chacha20-poly1305@openssh.com"]}, + "id": "74b1328b-6e8d-49ad-a1ea-40319890ed13", + "parsed_at": "2024-12-06T08:42:46.522Z", }, { "name": "Insecure SSH MAC Algorithms", @@ -166,133 +394,7 @@ "umac-64@openssh.com", ], }, - "id": "39479a40-2c2a-46cc-8289-b38dae8a32af", - "parsed_at": "2023-05-11T08:51:15.833Z", - }, - { - "name": "CVE-2021-41617", - "description": "privilege escalation via supplemental groups", - "category": "SSH Violation", - "location": "ssh://dummy-ssh.demo-targets.svc", - "severity": "HIGH", - "attributes": {"cvssv2": 7}, - "references": - [ - {"type": "CVE", "value": "CVE-2021-41617"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617", - }, - ], - "id": "2b97dd59-760a-4245-b560-07b57796454d", - "parsed_at": "2023-05-11T08:51:15.833Z", - }, - { - "name": "CVE-2020-15778", - "description": "command injection via anomalous argument transfers", - "category": "SSH Violation", - "location": "ssh://dummy-ssh.demo-targets.svc", - "severity": "HIGH", - "attributes": {"cvssv2": 7.8}, - "references": - [ - {"type": "CVE", "value": "CVE-2020-15778"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15778", - }, - ], - "id": "80ea0ec2-b558-480f-90d6-2b335e1f24ef", - "parsed_at": "2023-05-11T08:51:15.833Z", - }, - { - "name": "CVE-2018-15919", - "description": "username enumeration via GS2", - "category": "SSH Violation", - "location": "ssh://dummy-ssh.demo-targets.svc", - "severity": "MEDIUM", - "attributes": {"cvssv2": 5.3}, - "references": - [ - {"type": "CVE", "value": "CVE-2018-15919"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-15919", - }, - ], - "id": "9bbc1631-1eec-4fbe-91fc-ab9998da801a", - "parsed_at": "2023-05-11T08:51:15.833Z", - }, - { - "name": "CVE-2018-15473", - "description": "enumerate usernames due to timing discrepancies", - "category": "SSH Violation", - "location": "ssh://dummy-ssh.demo-targets.svc", - "severity": "MEDIUM", - "attributes": {"cvssv2": 5.3}, - "references": - [ - {"type": "CVE", "value": "CVE-2018-15473"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-15473", - }, - ], - "id": "29fb98fd-d165-4657-8f42-c25a9ab1bcaa", - "parsed_at": "2023-05-11T08:51:15.833Z", - }, - { - "name": "CVE-2016-20012", - "description": "enumerate usernames via challenge response", - "category": "SSH Violation", - "location": "ssh://dummy-ssh.demo-targets.svc", - "severity": "MEDIUM", - "attributes": {"cvssv2": 5.3}, - "references": - [ - {"type": "CVE", "value": "CVE-2016-20012"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-20012", - }, - ], - "id": "e9230054-4fce-4c78-ba92-dcbdba65de93", - "parsed_at": "2023-05-11T08:51:15.833Z", - }, - { - "name": "CVE-2016-6515", - "description": "cause DoS via long password string (crypt CPU consumption)", - "category": "SSH Violation", - "location": "ssh://dummy-ssh.demo-targets.svc", - "severity": "HIGH", - "attributes": {"cvssv2": 7.8}, - "references": - [ - {"type": "CVE", "value": "CVE-2016-6515"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-6515", - }, - ], - "id": "b3d1eb1d-3711-439b-a722-ea33f064cb47", - "parsed_at": "2023-05-11T08:51:15.833Z", - }, - { - "name": "CVE-2015-8325", - "description": "privilege escalation via triggering crafted environment", - "category": "SSH Violation", - "location": "ssh://dummy-ssh.demo-targets.svc", - "severity": "HIGH", - "attributes": {"cvssv2": 7.2}, - "references": - [ - {"type": "CVE", "value": "CVE-2015-8325"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-8325", - }, - ], - "id": "b4fde106-ca72-44ce-902c-f5287dcf663b", - "parsed_at": "2023-05-11T08:51:15.833Z", + "id": "965e1a1f-9bf5-4066-9774-fbb4bde786c7", + "parsed_at": "2024-12-06T08:42:46.522Z", }, -] +] \ No newline at end of file diff --git a/scanners/ssh-audit/examples/dummy-ssh/ssh-audit-results.json b/scanners/ssh-audit/examples/dummy-ssh/ssh-audit-results.json index 15e01c1323..5e722fc771 100644 --- a/scanners/ssh-audit/examples/dummy-ssh/ssh-audit-results.json +++ b/scanners/ssh-audit/examples/dummy-ssh/ssh-audit-results.json @@ -1,218 +1,296 @@ { - "banner": { - "comments": "Ubuntu-4ubuntu2.8", - "protocol": [ - 2, - 0 + "additional_notes": [ + "Potentially insufficient connection throttling detected, resulting in possible vulnerability to the DHEat DoS attack (CVE-2002-20001). 38 connections were created in 0.202 seconds, or 188.1 conns/sec; server must respond with a rate less than 20.0 conns/sec per IPv4/IPv6 source address to be considered safe. For rate-throttling options, please see . Be aware that using 'PerSourceMaxStartups 1' properly protects the server from this attack, but will cause this test to yield a false positive. Suppress this test and message with the --skip-rate-test option." + ], + "banner": { + "comments": "Ubuntu-4ubuntu2.8", + "protocol": "2.0", + "raw": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", + "software": "OpenSSH_7.2p2" + }, + "compression": ["none", "zlib@openssh.com"], + "cves": [], + "enc": [ + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": { + "info": [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79" ], - "raw": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", - "software": "OpenSSH_7.2p2" - }, - "compression": [ - "none", - "zlib@openssh.com" - ], - "cves": [ - { - "cvssv2": 7.0, - "description": "privilege escalation via supplemental groups", - "name": "CVE-2021-41617" - }, - { - "cvssv2": 7.8, - "description": "command injection via anomalous argument transfers", - "name": "CVE-2020-15778" - }, - { - "cvssv2": 5.3, - "description": "username enumeration via GS2", - "name": "CVE-2018-15919" - }, - { - "cvssv2": 5.3, - "description": "enumerate usernames due to timing discrepancies", - "name": "CVE-2018-15473" - }, - { - "cvssv2": 5.3, - "description": "enumerate usernames via challenge response", - "name": "CVE-2016-20012" - }, - { - "cvssv2": 7.8, - "description": "cause DoS via long password string (crypt CPU consumption)", - "name": "CVE-2016-6515" - }, - { - "cvssv2": 7.2, - "description": "privilege escalation via triggering crafted environment", - "name": "CVE-2015-8325" - } - ], - "enc": [ - "chacha20-poly1305@openssh.com", - "aes128-ctr", - "aes192-ctr", - "aes256-ctr", - "aes128-gcm@openssh.com", - "aes256-gcm@openssh.com" - ], - "fingerprints": [ - { - "hash": "eLwgzyjvrpwDbDr+pDbIfUhlNANB4DPH9/0w1vGa87E", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519" - }, - { - "hash": "c8:65:6b:d1:59:03:56:21:d9:0f:84:83:ce:ac:40:86", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519" - }, - { - "hash": "MbRX/CgQyN6/p8/ZjORurfaJqDhu4VEIWfXo0BnxaCE", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa" - }, - { - "hash": "a5:6f:62:26:81:03:b7:5e:06:48:10:04:79:4b:ac:32", - "hash_alg": "MD5", - "hostkey": "ssh-rsa" - } - ], - "kex": [ - { - "algorithm": "curve25519-sha256@libssh.org" - }, - { - "algorithm": "ecdh-sha2-nistp256" - }, - { - "algorithm": "ecdh-sha2-nistp384" - }, - { - "algorithm": "ecdh-sha2-nistp521" - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048 - }, - { - "algorithm": "diffie-hellman-group14-sha1" - } - ], - "key": [ - { - "algorithm": "ssh-rsa", - "keysize": 2048 - }, - { - "algorithm": "rsa-sha2-512", - "keysize": 2048 - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 2048 - }, - { - "algorithm": "ecdsa-sha2-nistp256" - }, - { - "algorithm": "ssh-ed25519" - } - ], - "mac": [ - "umac-64-etm@openssh.com", - "umac-128-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1" - ], - "recommendations": { - "critical": { - "del": { - "kex": [ - { - "name": "diffie-hellman-group14-sha1", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp256", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp384", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp521", - "notes": "" - } - ], - "key": [ - { - "name": "ecdsa-sha2-nistp256", - "notes": "" - }, - { - "name": "ssh-rsa", - "notes": "" - } - ], - "mac": [ - { - "name": "hmac-sha1", - "notes": "" - }, - { - "name": "hmac-sha1-etm@openssh.com", - "notes": "" - } - ] - } - }, - "warning": { - "chg": { - "key": [ - { - "name": "rsa-sha2-256", - "notes": "increase modulus size to 3072 bits or larger" - }, - { - "name": "rsa-sha2-512", - "notes": "increase modulus size to 3072 bits or larger" - } - ] - }, - "del": { - "mac": [ - { - "name": "hmac-sha2-256", - "notes": "" - }, - { - "name": "hmac-sha2-512", - "notes": "" - }, - { - "name": "umac-128@openssh.com", - "notes": "" - }, - { - "name": "umac-64-etm@openssh.com", - "notes": "" - }, - { - "name": "umac-64@openssh.com", - "notes": "" - } - ] - } - } - }, - "target": "dummy-ssh.demo-targets.svc:22" + "warn": [ + "vulnerable to the Terrapin attack (CVE-2023-48795), allowing message prefix truncation" + ] + } + }, + { + "algorithm": "aes128-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + }, + { + "algorithm": "aes192-ctr", + "notes": { "info": ["available since OpenSSH 3.7"] } + }, + { + "algorithm": "aes256-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + } + ], + "fingerprints": [ + { + "hash": "pa+Jwax5syiezfL29o6j6uaWBoJeK/LZJ8OXUwPrE5A", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "f5:fb:82:83:cd:0e:1f:af:2a:45:17:0b:b7:3c:9f:ee", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "eLwgzyjvrpwDbDr+pDbIfUhlNANB4DPH9/0w1vGa87E", + "hash_alg": "SHA256", + "hostkey": "ssh-ed25519" + }, + { + "hash": "c8:65:6b:d1:59:03:56:21:d9:0f:84:83:ce:ac:40:86", + "hash_alg": "MD5", + "hostkey": "ssh-ed25519" + }, + { + "hash": "MbRX/CgQyN6/p8/ZjORurfaJqDhu4VEIWfXo0BnxaCE", + "hash_alg": "SHA256", + "hostkey": "ssh-rsa" + }, + { + "hash": "a5:6f:62:26:81:03:b7:5e:06:48:10:04:79:4b:ac:32", + "hash_alg": "MD5", + "hostkey": "ssh-rsa" + } + ], + "kex": [ + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": { + "info": [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "diffie-hellman-group-exchange-sha256", + "keysize": 3072, + "notes": { + "info": [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4" + ] + } + }, + { + "algorithm": "diffie-hellman-group14-sha1", + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 3.9, Dropbear SSH 0.53"], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + } + ], + "key": [ + { + "algorithm": "ssh-rsa", + "keysize": 2048, + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": [ + "deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8", + "available since OpenSSH 2.5.0, Dropbear SSH 0.28" + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "rsa-sha2-512", + "keysize": 2048, + "notes": { + "info": ["available since OpenSSH 7.2"], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 2048, + "notes": { + "info": ["available since OpenSSH 7.2, Dropbear SSH 2020.79"], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + "warn": ["using weak random number generator could reveal the key"] + } + }, + { + "algorithm": "ssh-ed25519", + "notes": { "info": ["available since OpenSSH 6.5, Dropbear SSH 2020.79"] } + } + ], + "mac": [ + { + "algorithm": "umac-64-etm@openssh.com", + "notes": { + "info": ["available since OpenSSH 6.2"], + "warn": ["using small 64-bit tag size"] + } + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha1-etm@openssh.com", + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 6.2"] + } + }, + { + "algorithm": "umac-64@openssh.com", + "notes": { + "info": ["available since OpenSSH 4.7"], + "warn": ["using encrypt-and-MAC mode", "using small 64-bit tag size"] + } + }, + { + "algorithm": "umac-128@openssh.com", + "notes": { + "info": ["available since OpenSSH 6.2"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-256", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-512", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha1", + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 2.1.0, Dropbear SSH 0.28"], + "warn": ["using encrypt-and-MAC mode"] + } + } + ], + "recommendations": { + "critical": { + "del": { + "kex": [ + { "name": "diffie-hellman-group14-sha1", "notes": "" }, + { "name": "ecdh-sha2-nistp256", "notes": "" }, + { "name": "ecdh-sha2-nistp384", "notes": "" }, + { "name": "ecdh-sha2-nistp521", "notes": "" } + ], + "key": [ + { "name": "ecdsa-sha2-nistp256", "notes": "" }, + { "name": "ssh-rsa", "notes": "" } + ], + "mac": [ + { "name": "hmac-sha1", "notes": "" }, + { "name": "hmac-sha1-etm@openssh.com", "notes": "" } + ] + } + }, + "warning": { + "chg": { + "key": [ + { + "name": "rsa-sha2-256", + "notes": "increase modulus size to 3072 bits or larger" + }, + { + "name": "rsa-sha2-512", + "notes": "increase modulus size to 3072 bits or larger" + } + ] + }, + "del": { + "enc": [{ "name": "chacha20-poly1305@openssh.com", "notes": "" }], + "mac": [ + { "name": "hmac-sha2-256", "notes": "" }, + { "name": "hmac-sha2-512", "notes": "" }, + { "name": "umac-128@openssh.com", "notes": "" }, + { "name": "umac-64-etm@openssh.com", "notes": "" }, + { "name": "umac-64@openssh.com", "notes": "" } + ] + } + } + }, + "target": "dummy-ssh.demo-targets.svc:22" } \ No newline at end of file diff --git a/scanners/ssh-audit/examples/port-example/findings.yaml b/scanners/ssh-audit/examples/port-example/findings.yaml index 004cbbb0d7..4ffc54ab4b 100644 --- a/scanners/ssh-audit/examples/port-example/findings.yaml +++ b/scanners/ssh-audit/examples/port-example/findings.yaml @@ -13,51 +13,200 @@ "port": "29683", "attributes": { - "hostname": null, - "ip_address": "127.0.0.1", - "server_banner": "SSH-2.0-OpenSSH_8.2p1", - "ssh_version": 2, - "ssh_lib_cpe": "OpenSSH_8.2p1", + "hostname": "127.0.0.1", + "ip_address": null, + "server_banner": "SSH-2.0-OpenSSH_8.9p1", + "ssh_version": "2.0", + "ssh_lib_cpe": "OpenSSH_8.9p1", "key_algorithms": [ - {"algorithm": "rsa-sha2-512", "keysize": 3072}, - {"algorithm": "rsa-sha2-256", "keysize": 3072}, - {"algorithm": "ssh-rsa", "keysize": 3072}, - {"algorithm": "ecdsa-sha2-nistp256"}, - {"algorithm": "ssh-ed25519"}, + { + "algorithm": "rsa-sha2-512", + "keysize": 3072, + "notes": {"info": ["available since OpenSSH 7.2"]}, + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 3072, + "notes": + {"info": ["available since OpenSSH 7.2, Dropbear SSH 2020.79"]}, + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + "warn": + ["using weak random number generator could reveal the key"], + }, + }, + { + "algorithm": "ssh-ed25519", + "notes": + {"info": ["available since OpenSSH 6.5, Dropbear SSH 2020.79"]}, + }, ], "encryption_algorithms": [ - "chacha20-poly1305@openssh.com", - "aes256-gcm@openssh.com", - "aes128-gcm@openssh.com", - "aes256-ctr", - "aes192-ctr", - "aes128-ctr", + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": + { + "info": + [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79", + ], + }, + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "aes256-ctr", + "notes": + {"info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"]}, + }, + { + "algorithm": "aes192-ctr", + "notes": {"info": ["available since OpenSSH 3.7"]}, + }, + { + "algorithm": "aes128-ctr", + "notes": + {"info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"]}, + }, ], "mac_algorithms": [ - "hmac-sha2-512-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "umac-128-etm@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-512", - "hmac-sha2-256", + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": {"info": ["available since OpenSSH 6.2"]}, + }, + { + "algorithm": "umac-128@openssh.com", + "notes": + { + "info": ["available since OpenSSH 6.2"], + "warn": ["using encrypt-and-MAC mode"], + }, + }, + { + "algorithm": "hmac-sha2-512", + "notes": + { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"], + }, + }, + { + "algorithm": "hmac-sha2-256", + "notes": + { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"], + }, + }, ], "compression_algorithms": ["none"], "key_exchange_algorithms": [ - {"algorithm": "curve25519-sha256@libssh.org"}, + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": + { + "info": + [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62", + ], + }, + }, { "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048, + "keysize": 3072, + "notes": + { + "info": + [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + }, + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + }, + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": + { + "fail": + [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + }, + }, + { + "algorithm": "kex-strict-s-v00@openssh.com", + "notes": + { + "info": + [ + "pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795)", + ], + }, }, - {"algorithm": "ecdh-sha2-nistp521"}, - {"algorithm": "ecdh-sha2-nistp384"}, - {"algorithm": "ecdh-sha2-nistp256"}, ], "fingerprints": [ + { + "hash": "WrPtjtUCUKDiCnCXydph/tHIISUeJiLMLwdBLpfI2KU", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256", + }, + { + "hash": "ed:ea:4c:10:1a:37:41:5f:dd:84:29:4b:ba:ab:8a:27", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256", + }, { "hash": "zDyiQDFSdBbKGL0vFgMWa0cdEI1R4QGtkEMHY/BlqT0", "hash_alg": "SHA256", @@ -80,8 +229,8 @@ }, ], }, - "id": "db665096-f1a6-4f2b-b51d-77c79ff71df5", - "parsed_at": "2023-05-11T08:50:57.430Z", + "id": "b67fbf0f-a155-4a61-8d93-07dec82791cb", + "parsed_at": "2024-12-06T13:40:41.412Z", }, { "name": "Insecure SSH KEX Algorithms", @@ -95,8 +244,8 @@ "algorithms": ["ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521"], }, - "id": "5d037bd0-dcea-4b88-b041-0ec8f206397f", - "parsed_at": "2023-05-11T08:50:57.430Z", + "id": "13a450b2-7f35-46d6-a5ec-d5783d7127b8", + "parsed_at": "2024-12-06T13:40:41.428Z", }, { "name": "Insecure SSH Key Algorithms", @@ -105,9 +254,9 @@ "severity": "HIGH", "category": "SSH Policy Violation", "location": "ssh://127.0.0.1", - "attributes": {"algorithms": ["ecdsa-sha2-nistp256", "ssh-rsa"]}, - "id": "66608534-102d-46db-adf1-d864af4a2378", - "parsed_at": "2023-05-11T08:50:57.430Z", + "attributes": {"algorithms": ["ecdsa-sha2-nistp256"]}, + "id": "7b956353-6d69-4480-bde1-41c237e2e88a", + "parsed_at": "2024-12-06T13:40:41.428Z", }, { "name": "SSH KEX Algorithms must be added", @@ -123,10 +272,11 @@ "curve25519-sha256", "diffie-hellman-group16-sha512", "diffie-hellman-group18-sha512", + "sntrup761x25519-sha512@openssh.com", ], }, - "id": "baa8ec32-b2f9-4081-b725-0203efd3ea3e", - "parsed_at": "2023-05-11T08:50:57.430Z", + "id": "ace0c10c-19bd-4956-a01a-91bc4a81c36c", + "parsed_at": "2024-12-06T13:40:41.428Z", }, { "name": "Insecure SSH MAC Algorithms", @@ -140,61 +290,7 @@ "algorithms": ["hmac-sha2-256", "hmac-sha2-512", "umac-128@openssh.com"], }, - "id": "7e1bf6ee-a74d-409c-9dcc-20e66162ab5b", - "parsed_at": "2023-05-11T08:50:57.430Z", - }, - { - "name": "CVE-2021-41617", - "description": "privilege escalation via supplemental groups", - "category": "SSH Violation", - "location": "ssh://127.0.0.1", - "severity": "HIGH", - "attributes": {"cvssv2": 7}, - "references": - [ - {"type": "CVE", "value": "CVE-2021-41617"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617", - }, - ], - "id": "7475dd22-b8b6-49be-8277-e6a3d574b556", - "parsed_at": "2023-05-11T08:50:57.430Z", - }, - { - "name": "CVE-2020-15778", - "description": "command injection via anomalous argument transfers", - "category": "SSH Violation", - "location": "ssh://127.0.0.1", - "severity": "HIGH", - "attributes": {"cvssv2": 7.8}, - "references": - [ - {"type": "CVE", "value": "CVE-2020-15778"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15778", - }, - ], - "id": "6d2b751b-8839-4172-a43f-e22d3426cf01", - "parsed_at": "2023-05-11T08:50:57.430Z", - }, - { - "name": "CVE-2016-20012", - "description": "enumerate usernames via challenge response", - "category": "SSH Violation", - "location": "ssh://127.0.0.1", - "severity": "MEDIUM", - "attributes": {"cvssv2": 5.3}, - "references": - [ - {"type": "CVE", "value": "CVE-2016-20012"}, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-20012", - }, - ], - "id": "d4a5a676-5bf2-4df6-bac0-f479e0a88fbd", - "parsed_at": "2023-05-11T08:50:57.430Z", + "id": "13c38794-58d3-4de6-b823-82407e21aa87", + "parsed_at": "2024-12-06T13:40:41.428Z", }, -] +] \ No newline at end of file diff --git a/scanners/ssh-audit/examples/port-example/ssh-audit-result.json b/scanners/ssh-audit/examples/port-example/ssh-audit-result.json index b5cb53cf6f..43593d6dd1 100644 --- a/scanners/ssh-audit/examples/port-example/ssh-audit-result.json +++ b/scanners/ssh-audit/examples/port-example/ssh-audit-result.json @@ -1,174 +1,226 @@ { - "banner": { - "comments": null, - "protocol": [ - 2, - 0 + "additional_notes": [ + "Be aware that, while this target properly supports the strict key exchange method (via the kex-strict-?-v00@openssh.com marker) needed to protect against the Terrapin vulnerability (CVE-2023-48795), all peers must also support this feature as well, otherwise the vulnerability will still be present. The following algorithms would allow an unpatched peer to create vulnerable SSH channels with this target: chacha20-poly1305@openssh.com. If any CBC ciphers are in this list, you may remove them while leaving the *-etm@openssh.com MACs in place; these MACs are fine while paired with non-CBC cipher types.", + "Potentially insufficient connection throttling detected, resulting in possible vulnerability to the DHEat DoS attack (CVE-2002-20001). 38 connections were created in 0.348 seconds, or 109.1 conns/sec; server must respond with a rate less than 20.0 conns/sec per IPv4/IPv6 source address to be considered safe. For rate-throttling options, please see . Be aware that using 'PerSourceMaxStartups 1' properly protects the server from this attack, but will cause this test to yield a false positive. Suppress this test and message with the --skip-rate-test option." + ], + "banner": { + "comments": null, + "protocol": "2.0", + "raw": "SSH-2.0-OpenSSH_8.9p1", + "software": "OpenSSH_8.9p1" + }, + "compression": ["none"], + "cves": [], + "enc": [ + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": { + "info": [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79" + ] + } + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "aes256-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + }, + { + "algorithm": "aes192-ctr", + "notes": { "info": ["available since OpenSSH 3.7"] } + }, + { + "algorithm": "aes128-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + } + ], + "fingerprints": [ + { + "hash": "WrPtjtUCUKDiCnCXydph/tHIISUeJiLMLwdBLpfI2KU", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "ed:ea:4c:10:1a:37:41:5f:dd:84:29:4b:ba:ab:8a:27", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "zDyiQDFSdBbKGL0vFgMWa0cdEI1R4QGtkEMHY/BlqT0", + "hash_alg": "SHA256", + "hostkey": "ssh-ed25519" + }, + { + "hash": "c8:2c:ee:3b:bc:ae:0e:8b:0d:6f:f2:b6:77:25:69:aa", + "hash_alg": "MD5", + "hostkey": "ssh-ed25519" + }, + { + "hash": "khLYpAPy+wFXAh+p6PBgNrmO4Qjs0KIDBuyb83m/1j4", + "hash_alg": "SHA256", + "hostkey": "ssh-rsa" + }, + { + "hash": "62:b4:fe:be:11:54:61:6b:c3:b8:e4:98:f3:41:84:73", + "hash_alg": "MD5", + "hostkey": "ssh-rsa" + } + ], + "kex": [ + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": { + "info": [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "diffie-hellman-group-exchange-sha256", + "keysize": 3072, + "notes": { + "info": [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4" + ] + } + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" ], - "raw": "SSH-2.0-OpenSSH_8.2p1", - "software": "OpenSSH_8.2p1" - }, - "compression": [ - "none" - ], - "cves": [ - { - "cvssv2": 7.0, - "description": "privilege escalation via supplemental groups", - "name": "CVE-2021-41617" - }, - { - "cvssv2": 7.8, - "description": "command injection via anomalous argument transfers", - "name": "CVE-2020-15778" - }, - { - "cvssv2": 5.3, - "description": "enumerate usernames via challenge response", - "name": "CVE-2016-20012" - } - ], - "enc": [ - "chacha20-poly1305@openssh.com", - "aes256-gcm@openssh.com", - "aes128-gcm@openssh.com", - "aes256-ctr", - "aes192-ctr", - "aes128-ctr" - ], - "fingerprints": [ - { - "hash": "zDyiQDFSdBbKGL0vFgMWa0cdEI1R4QGtkEMHY/BlqT0", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519" - }, - { - "hash": "c8:2c:ee:3b:bc:ae:0e:8b:0d:6f:f2:b6:77:25:69:aa", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519" - }, - { - "hash": "khLYpAPy+wFXAh+p6PBgNrmO4Qjs0KIDBuyb83m/1j4", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa" - }, - { - "hash": "62:b4:fe:be:11:54:61:6b:c3:b8:e4:98:f3:41:84:73", - "hash_alg": "MD5", - "hostkey": "ssh-rsa" - } - ], - "kex": [ - { - "algorithm": "curve25519-sha256@libssh.org" - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048 - }, - { - "algorithm": "ecdh-sha2-nistp521" - }, - { - "algorithm": "ecdh-sha2-nistp384" - }, - { - "algorithm": "ecdh-sha2-nistp256" - } - ], - "key": [ - { - "algorithm": "rsa-sha2-512", - "keysize": 3072 - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 3072 - }, - { - "algorithm": "ssh-rsa", - "keysize": 3072 - }, - { - "algorithm": "ecdsa-sha2-nistp256" - }, - { - "algorithm": "ssh-ed25519" - } - ], - "mac": [ - "hmac-sha2-512-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "umac-128-etm@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-512", - "hmac-sha2-256" - ], - "recommendations": { - "critical": { - "del": { - "kex": [ - { - "name": "ecdh-sha2-nistp256", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp384", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp521", - "notes": "" - } - ], - "key": [ - { - "name": "ecdsa-sha2-nistp256", - "notes": "" - }, - { - "name": "ssh-rsa", - "notes": "" - } - ] - } - }, - "informational": { - "add": { - "kex": [ - { - "name": "curve25519-sha256", - "notes": "" - }, - { - "name": "diffie-hellman-group16-sha512", - "notes": "" - }, - { - "name": "diffie-hellman-group18-sha512", - "notes": "" - } - ] - } - }, - "warning": { - "del": { - "mac": [ - { - "name": "hmac-sha2-256", - "notes": "" - }, - { - "name": "hmac-sha2-512", - "notes": "" - }, - { - "name": "umac-128@openssh.com", - "notes": "" - } - ] - } - } - }, - "target": "127.0.0.1:29683" -} \ No newline at end of file + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "kex-strict-s-v00@openssh.com", + "notes": { + "info": [ + "pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795)" + ] + } + } + ], + "key": [ + { + "algorithm": "rsa-sha2-512", + "keysize": 3072, + "notes": { "info": ["available since OpenSSH 7.2"] } + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 3072, + "notes": { "info": ["available since OpenSSH 7.2, Dropbear SSH 2020.79"] } + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + "warn": ["using weak random number generator could reveal the key"] + } + }, + { + "algorithm": "ssh-ed25519", + "notes": { "info": ["available since OpenSSH 6.5, Dropbear SSH 2020.79"] } + } + ], + "mac": [ + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "umac-128@openssh.com", + "notes": { + "info": ["available since OpenSSH 6.2"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-512", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-256", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + } + ], + "recommendations": { + "critical": { + "del": { + "kex": [ + { "name": "ecdh-sha2-nistp256", "notes": "" }, + { "name": "ecdh-sha2-nistp384", "notes": "" }, + { "name": "ecdh-sha2-nistp521", "notes": "" } + ], + "key": [{ "name": "ecdsa-sha2-nistp256", "notes": "" }] + } + }, + "informational": { + "add": { + "kex": [ + { "name": "curve25519-sha256", "notes": "" }, + { "name": "diffie-hellman-group16-sha512", "notes": "" }, + { "name": "diffie-hellman-group18-sha512", "notes": "" }, + { "name": "sntrup761x25519-sha512@openssh.com", "notes": "" } + ] + } + }, + "warning": { + "del": { + "mac": [ + { "name": "hmac-sha2-256", "notes": "" }, + { "name": "hmac-sha2-512", "notes": "" }, + { "name": "umac-128@openssh.com", "notes": "" } + ] + } + } + }, + "target": "127.0.0.1:29683" +} diff --git a/scanners/ssh-audit/integration-tests/ssh-audit.test.js b/scanners/ssh-audit/integration-tests/ssh-audit.test.js index 01ecdb5849..38c2238e74 100644 --- a/scanners/ssh-audit/integration-tests/ssh-audit.test.js +++ b/scanners/ssh-audit/integration-tests/ssh-audit.test.js @@ -15,19 +15,18 @@ test( ["dummy-ssh.demo-targets.svc"], 90 ); - expect(count).toBe(14); + expect(count).toBe(7); expect(categories).toMatchInlineSnapshot(` - { - "SSH Policy Violation": 6, - "SSH Service": 1, - "SSH Violation": 7, - } + { + "SSH Policy Violation": 6, + "SSH Service": 1, + } `); expect(severities).toMatchInlineSnapshot(` { - "high": 7, + "high": 3, "informational": 1, - "medium": 6, + "medium": 3, } `); }, diff --git a/scanners/ssh-audit/parser/__testFiles__/dummy-ssh.json b/scanners/ssh-audit/parser/__testFiles__/dummy-ssh.json index 15e01c1323..5e722fc771 100644 --- a/scanners/ssh-audit/parser/__testFiles__/dummy-ssh.json +++ b/scanners/ssh-audit/parser/__testFiles__/dummy-ssh.json @@ -1,218 +1,296 @@ { - "banner": { - "comments": "Ubuntu-4ubuntu2.8", - "protocol": [ - 2, - 0 + "additional_notes": [ + "Potentially insufficient connection throttling detected, resulting in possible vulnerability to the DHEat DoS attack (CVE-2002-20001). 38 connections were created in 0.202 seconds, or 188.1 conns/sec; server must respond with a rate less than 20.0 conns/sec per IPv4/IPv6 source address to be considered safe. For rate-throttling options, please see . Be aware that using 'PerSourceMaxStartups 1' properly protects the server from this attack, but will cause this test to yield a false positive. Suppress this test and message with the --skip-rate-test option." + ], + "banner": { + "comments": "Ubuntu-4ubuntu2.8", + "protocol": "2.0", + "raw": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", + "software": "OpenSSH_7.2p2" + }, + "compression": ["none", "zlib@openssh.com"], + "cves": [], + "enc": [ + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": { + "info": [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79" ], - "raw": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", - "software": "OpenSSH_7.2p2" - }, - "compression": [ - "none", - "zlib@openssh.com" - ], - "cves": [ - { - "cvssv2": 7.0, - "description": "privilege escalation via supplemental groups", - "name": "CVE-2021-41617" - }, - { - "cvssv2": 7.8, - "description": "command injection via anomalous argument transfers", - "name": "CVE-2020-15778" - }, - { - "cvssv2": 5.3, - "description": "username enumeration via GS2", - "name": "CVE-2018-15919" - }, - { - "cvssv2": 5.3, - "description": "enumerate usernames due to timing discrepancies", - "name": "CVE-2018-15473" - }, - { - "cvssv2": 5.3, - "description": "enumerate usernames via challenge response", - "name": "CVE-2016-20012" - }, - { - "cvssv2": 7.8, - "description": "cause DoS via long password string (crypt CPU consumption)", - "name": "CVE-2016-6515" - }, - { - "cvssv2": 7.2, - "description": "privilege escalation via triggering crafted environment", - "name": "CVE-2015-8325" - } - ], - "enc": [ - "chacha20-poly1305@openssh.com", - "aes128-ctr", - "aes192-ctr", - "aes256-ctr", - "aes128-gcm@openssh.com", - "aes256-gcm@openssh.com" - ], - "fingerprints": [ - { - "hash": "eLwgzyjvrpwDbDr+pDbIfUhlNANB4DPH9/0w1vGa87E", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519" - }, - { - "hash": "c8:65:6b:d1:59:03:56:21:d9:0f:84:83:ce:ac:40:86", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519" - }, - { - "hash": "MbRX/CgQyN6/p8/ZjORurfaJqDhu4VEIWfXo0BnxaCE", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa" - }, - { - "hash": "a5:6f:62:26:81:03:b7:5e:06:48:10:04:79:4b:ac:32", - "hash_alg": "MD5", - "hostkey": "ssh-rsa" - } - ], - "kex": [ - { - "algorithm": "curve25519-sha256@libssh.org" - }, - { - "algorithm": "ecdh-sha2-nistp256" - }, - { - "algorithm": "ecdh-sha2-nistp384" - }, - { - "algorithm": "ecdh-sha2-nistp521" - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048 - }, - { - "algorithm": "diffie-hellman-group14-sha1" - } - ], - "key": [ - { - "algorithm": "ssh-rsa", - "keysize": 2048 - }, - { - "algorithm": "rsa-sha2-512", - "keysize": 2048 - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 2048 - }, - { - "algorithm": "ecdsa-sha2-nistp256" - }, - { - "algorithm": "ssh-ed25519" - } - ], - "mac": [ - "umac-64-etm@openssh.com", - "umac-128-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1" - ], - "recommendations": { - "critical": { - "del": { - "kex": [ - { - "name": "diffie-hellman-group14-sha1", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp256", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp384", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp521", - "notes": "" - } - ], - "key": [ - { - "name": "ecdsa-sha2-nistp256", - "notes": "" - }, - { - "name": "ssh-rsa", - "notes": "" - } - ], - "mac": [ - { - "name": "hmac-sha1", - "notes": "" - }, - { - "name": "hmac-sha1-etm@openssh.com", - "notes": "" - } - ] - } - }, - "warning": { - "chg": { - "key": [ - { - "name": "rsa-sha2-256", - "notes": "increase modulus size to 3072 bits or larger" - }, - { - "name": "rsa-sha2-512", - "notes": "increase modulus size to 3072 bits or larger" - } - ] - }, - "del": { - "mac": [ - { - "name": "hmac-sha2-256", - "notes": "" - }, - { - "name": "hmac-sha2-512", - "notes": "" - }, - { - "name": "umac-128@openssh.com", - "notes": "" - }, - { - "name": "umac-64-etm@openssh.com", - "notes": "" - }, - { - "name": "umac-64@openssh.com", - "notes": "" - } - ] - } - } - }, - "target": "dummy-ssh.demo-targets.svc:22" + "warn": [ + "vulnerable to the Terrapin attack (CVE-2023-48795), allowing message prefix truncation" + ] + } + }, + { + "algorithm": "aes128-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + }, + { + "algorithm": "aes192-ctr", + "notes": { "info": ["available since OpenSSH 3.7"] } + }, + { + "algorithm": "aes256-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + } + ], + "fingerprints": [ + { + "hash": "pa+Jwax5syiezfL29o6j6uaWBoJeK/LZJ8OXUwPrE5A", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "f5:fb:82:83:cd:0e:1f:af:2a:45:17:0b:b7:3c:9f:ee", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "eLwgzyjvrpwDbDr+pDbIfUhlNANB4DPH9/0w1vGa87E", + "hash_alg": "SHA256", + "hostkey": "ssh-ed25519" + }, + { + "hash": "c8:65:6b:d1:59:03:56:21:d9:0f:84:83:ce:ac:40:86", + "hash_alg": "MD5", + "hostkey": "ssh-ed25519" + }, + { + "hash": "MbRX/CgQyN6/p8/ZjORurfaJqDhu4VEIWfXo0BnxaCE", + "hash_alg": "SHA256", + "hostkey": "ssh-rsa" + }, + { + "hash": "a5:6f:62:26:81:03:b7:5e:06:48:10:04:79:4b:ac:32", + "hash_alg": "MD5", + "hostkey": "ssh-rsa" + } + ], + "kex": [ + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": { + "info": [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "diffie-hellman-group-exchange-sha256", + "keysize": 3072, + "notes": { + "info": [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4" + ] + } + }, + { + "algorithm": "diffie-hellman-group14-sha1", + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 3.9, Dropbear SSH 0.53"], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + } + ], + "key": [ + { + "algorithm": "ssh-rsa", + "keysize": 2048, + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": [ + "deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8", + "available since OpenSSH 2.5.0, Dropbear SSH 0.28" + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "rsa-sha2-512", + "keysize": 2048, + "notes": { + "info": ["available since OpenSSH 7.2"], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 2048, + "notes": { + "info": ["available since OpenSSH 7.2, Dropbear SSH 2020.79"], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength" + ] + } + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + "warn": ["using weak random number generator could reveal the key"] + } + }, + { + "algorithm": "ssh-ed25519", + "notes": { "info": ["available since OpenSSH 6.5, Dropbear SSH 2020.79"] } + } + ], + "mac": [ + { + "algorithm": "umac-64-etm@openssh.com", + "notes": { + "info": ["available since OpenSSH 6.2"], + "warn": ["using small 64-bit tag size"] + } + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha1-etm@openssh.com", + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 6.2"] + } + }, + { + "algorithm": "umac-64@openssh.com", + "notes": { + "info": ["available since OpenSSH 4.7"], + "warn": ["using encrypt-and-MAC mode", "using small 64-bit tag size"] + } + }, + { + "algorithm": "umac-128@openssh.com", + "notes": { + "info": ["available since OpenSSH 6.2"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-256", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-512", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha1", + "notes": { + "fail": ["using broken SHA-1 hash algorithm"], + "info": ["available since OpenSSH 2.1.0, Dropbear SSH 0.28"], + "warn": ["using encrypt-and-MAC mode"] + } + } + ], + "recommendations": { + "critical": { + "del": { + "kex": [ + { "name": "diffie-hellman-group14-sha1", "notes": "" }, + { "name": "ecdh-sha2-nistp256", "notes": "" }, + { "name": "ecdh-sha2-nistp384", "notes": "" }, + { "name": "ecdh-sha2-nistp521", "notes": "" } + ], + "key": [ + { "name": "ecdsa-sha2-nistp256", "notes": "" }, + { "name": "ssh-rsa", "notes": "" } + ], + "mac": [ + { "name": "hmac-sha1", "notes": "" }, + { "name": "hmac-sha1-etm@openssh.com", "notes": "" } + ] + } + }, + "warning": { + "chg": { + "key": [ + { + "name": "rsa-sha2-256", + "notes": "increase modulus size to 3072 bits or larger" + }, + { + "name": "rsa-sha2-512", + "notes": "increase modulus size to 3072 bits or larger" + } + ] + }, + "del": { + "enc": [{ "name": "chacha20-poly1305@openssh.com", "notes": "" }], + "mac": [ + { "name": "hmac-sha2-256", "notes": "" }, + { "name": "hmac-sha2-512", "notes": "" }, + { "name": "umac-128@openssh.com", "notes": "" }, + { "name": "umac-64-etm@openssh.com", "notes": "" }, + { "name": "umac-64@openssh.com", "notes": "" } + ] + } + } + }, + "target": "dummy-ssh.demo-targets.svc:22" } \ No newline at end of file diff --git a/scanners/ssh-audit/parser/__testFiles__/example.json b/scanners/ssh-audit/parser/__testFiles__/example.json deleted file mode 100644 index 08171b54cf..0000000000 --- a/scanners/ssh-audit/parser/__testFiles__/example.json +++ /dev/null @@ -1,221 +0,0 @@ -{ - "banner": { - "comments": "Raspbian-10+deb10u2+rpt1", - "protocol": [ - 2, - 0 - ], - "raw": "SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1", - "software": "OpenSSH_7.9p1" - }, - "compression": [ - "none", - "zlib@openssh.com" - ], - "cves": [ - { - "cvssv2": 7.0, - "description": "privilege escalation via supplemental groups", - "name": "CVE-2021-41617" - }, - { - "cvssv2": 7.8, - "description": "command injection via anomalous argument transfers", - "name": "CVE-2020-15778" - }, - { - "cvssv2": 7.8, - "description": "memory corruption and local code execution via pre-authentication integer overflow", - "name": "CVE-2019-16905" - }, - { - "cvssv2": 5.3, - "description": "enumerate usernames via challenge response", - "name": "CVE-2016-20012" - } - ], - "enc": [ - "chacha20-poly1305@openssh.com", - "aes128-ctr", - "aes192-ctr", - "aes256-ctr", - "aes128-gcm@openssh.com", - "aes256-gcm@openssh.com" - ], - "fingerprints": [ - { - "hash": "Qljt15P0hpcQdSrAZVME1Vj5fsX/LgKBDtfT7k6T66Q", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519" - }, - { - "hash": "d7:0b:7f:bb:5c:2b:1d:44:1d:63:5a:1d:3c:18:a2:e6", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519" - }, - { - "hash": "rn+kjXUflGJzrCx7tIGGiJWMFS8gjwy5vFJzxXqK6Nk", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa" - }, - { - "hash": "49:bd:b5:a9:3b:6e:cc:4a:59:69:e6:06:e9:d7:13:4a", - "hash_alg": "MD5", - "hostkey": "ssh-rsa" - } - ], - "kex": [ - { - "algorithm": "curve25519-sha256" - }, - { - "algorithm": "curve25519-sha256@libssh.org" - }, - { - "algorithm": "ecdh-sha2-nistp256" - }, - { - "algorithm": "ecdh-sha2-nistp384" - }, - { - "algorithm": "ecdh-sha2-nistp521" - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048 - }, - { - "algorithm": "diffie-hellman-group16-sha512" - }, - { - "algorithm": "diffie-hellman-group18-sha512" - }, - { - "algorithm": "diffie-hellman-group14-sha256" - }, - { - "algorithm": "diffie-hellman-group14-sha1" - } - ], - "key": [ - { - "algorithm": "rsa-sha2-512", - "keysize": 2048 - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 2048 - }, - { - "algorithm": "ssh-rsa", - "keysize": 2048 - }, - { - "algorithm": "ecdsa-sha2-nistp256" - }, - { - "algorithm": "ssh-ed25519" - } - ], - "mac": [ - "umac-64-etm@openssh.com", - "umac-128-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1" - ], - "recommendations": { - "critical": { - "del": { - "kex": [ - { - "name": "diffie-hellman-group14-sha1", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp256", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp384", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp521", - "notes": "" - } - ], - "key": [ - { - "name": "ecdsa-sha2-nistp256", - "notes": "" - }, - { - "name": "ssh-rsa", - "notes": "" - } - ], - "mac": [ - { - "name": "hmac-sha1", - "notes": "" - }, - { - "name": "hmac-sha1-etm@openssh.com", - "notes": "" - } - ] - } - }, - "warning": { - "chg": { - "key": [ - { - "name": "rsa-sha2-256", - "notes": "increase modulus size to 3072 bits or larger" - }, - { - "name": "rsa-sha2-512", - "notes": "increase modulus size to 3072 bits or larger" - } - ] - }, - "del": { - "kex": [ - { - "name": "diffie-hellman-group14-sha256", - "notes": "" - } - ], - "mac": [ - { - "name": "hmac-sha2-256", - "notes": "" - }, - { - "name": "hmac-sha2-512", - "notes": "" - }, - { - "name": "umac-128@openssh.com", - "notes": "" - }, - { - "name": "umac-64-etm@openssh.com", - "notes": "" - }, - { - "name": "umac-64@openssh.com", - "notes": "" - } - ] - } - } - }, - "target": "example.com:22" -} \ No newline at end of file diff --git a/scanners/ssh-audit/parser/__testFiles__/example.json.license b/scanners/ssh-audit/parser/__testFiles__/example.json.license deleted file mode 100644 index 3034c0d74b..0000000000 --- a/scanners/ssh-audit/parser/__testFiles__/example.json.license +++ /dev/null @@ -1,3 +0,0 @@ -SPDX-FileCopyrightText: the secureCodeBox authors - -SPDX-License-Identifier: Apache-2.0 \ No newline at end of file diff --git a/scanners/ssh-audit/parser/__testFiles__/portExample.json b/scanners/ssh-audit/parser/__testFiles__/portExample.json index b5cb53cf6f..58290ab4f9 100644 --- a/scanners/ssh-audit/parser/__testFiles__/portExample.json +++ b/scanners/ssh-audit/parser/__testFiles__/portExample.json @@ -1,174 +1,226 @@ { - "banner": { - "comments": null, - "protocol": [ - 2, - 0 + "additional_notes": [ + "Be aware that, while this target properly supports the strict key exchange method (via the kex-strict-?-v00@openssh.com marker) needed to protect against the Terrapin vulnerability (CVE-2023-48795), all peers must also support this feature as well, otherwise the vulnerability will still be present. The following algorithms would allow an unpatched peer to create vulnerable SSH channels with this target: chacha20-poly1305@openssh.com. If any CBC ciphers are in this list, you may remove them while leaving the *-etm@openssh.com MACs in place; these MACs are fine while paired with non-CBC cipher types.", + "Potentially insufficient connection throttling detected, resulting in possible vulnerability to the DHEat DoS attack (CVE-2002-20001). 38 connections were created in 0.348 seconds, or 109.1 conns/sec; server must respond with a rate less than 20.0 conns/sec per IPv4/IPv6 source address to be considered safe. For rate-throttling options, please see . Be aware that using 'PerSourceMaxStartups 1' properly protects the server from this attack, but will cause this test to yield a false positive. Suppress this test and message with the --skip-rate-test option." + ], + "banner": { + "comments": null, + "protocol": "2.0", + "raw": "SSH-2.0-OpenSSH_8.9p1", + "software": "OpenSSH_8.9p1" + }, + "compression": ["none"], + "cves": [], + "enc": [ + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": { + "info": [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79" + ] + } + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "aes256-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + }, + { + "algorithm": "aes192-ctr", + "notes": { "info": ["available since OpenSSH 3.7"] } + }, + { + "algorithm": "aes128-ctr", + "notes": { "info": ["available since OpenSSH 3.7, Dropbear SSH 0.52"] } + } + ], + "fingerprints": [ + { + "hash": "WrPtjtUCUKDiCnCXydph/tHIISUeJiLMLwdBLpfI2KU", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "ed:ea:4c:10:1a:37:41:5f:dd:84:29:4b:ba:ab:8a:27", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256" + }, + { + "hash": "zDyiQDFSdBbKGL0vFgMWa0cdEI1R4QGtkEMHY/BlqT0", + "hash_alg": "SHA256", + "hostkey": "ssh-ed25519" + }, + { + "hash": "c8:2c:ee:3b:bc:ae:0e:8b:0d:6f:f2:b6:77:25:69:aa", + "hash_alg": "MD5", + "hostkey": "ssh-ed25519" + }, + { + "hash": "khLYpAPy+wFXAh+p6PBgNrmO4Qjs0KIDBuyb83m/1j4", + "hash_alg": "SHA256", + "hostkey": "ssh-rsa" + }, + { + "hash": "62:b4:fe:be:11:54:61:6b:c3:b8:e4:98:f3:41:84:73", + "hash_alg": "MD5", + "hostkey": "ssh-rsa" + } + ], + "kex": [ + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": { + "info": [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62" + ] + } + }, + { + "algorithm": "diffie-hellman-group-exchange-sha256", + "keysize": 3072, + "notes": { + "info": [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4" + ] + } + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" ], - "raw": "SSH-2.0-OpenSSH_8.2p1", - "software": "OpenSSH_8.2p1" - }, - "compression": [ - "none" - ], - "cves": [ - { - "cvssv2": 7.0, - "description": "privilege escalation via supplemental groups", - "name": "CVE-2021-41617" - }, - { - "cvssv2": 7.8, - "description": "command injection via anomalous argument transfers", - "name": "CVE-2020-15778" - }, - { - "cvssv2": 5.3, - "description": "enumerate usernames via challenge response", - "name": "CVE-2016-20012" - } - ], - "enc": [ - "chacha20-poly1305@openssh.com", - "aes256-gcm@openssh.com", - "aes128-gcm@openssh.com", - "aes256-ctr", - "aes192-ctr", - "aes128-ctr" - ], - "fingerprints": [ - { - "hash": "zDyiQDFSdBbKGL0vFgMWa0cdEI1R4QGtkEMHY/BlqT0", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519" - }, - { - "hash": "c8:2c:ee:3b:bc:ae:0e:8b:0d:6f:f2:b6:77:25:69:aa", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519" - }, - { - "hash": "khLYpAPy+wFXAh+p6PBgNrmO4Qjs0KIDBuyb83m/1j4", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa" - }, - { - "hash": "62:b4:fe:be:11:54:61:6b:c3:b8:e4:98:f3:41:84:73", - "hash_alg": "MD5", - "hostkey": "ssh-rsa" - } - ], - "kex": [ - { - "algorithm": "curve25519-sha256@libssh.org" - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048 - }, - { - "algorithm": "ecdh-sha2-nistp521" - }, - { - "algorithm": "ecdh-sha2-nistp384" - }, - { - "algorithm": "ecdh-sha2-nistp256" - } - ], - "key": [ - { - "algorithm": "rsa-sha2-512", - "keysize": 3072 - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 3072 - }, - { - "algorithm": "ssh-rsa", - "keysize": 3072 - }, - { - "algorithm": "ecdsa-sha2-nistp256" - }, - { - "algorithm": "ssh-ed25519" - } - ], - "mac": [ - "hmac-sha2-512-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "umac-128-etm@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-512", - "hmac-sha2-256" - ], - "recommendations": { - "critical": { - "del": { - "kex": [ - { - "name": "ecdh-sha2-nistp256", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp384", - "notes": "" - }, - { - "name": "ecdh-sha2-nistp521", - "notes": "" - } - ], - "key": [ - { - "name": "ecdsa-sha2-nistp256", - "notes": "" - }, - { - "name": "ssh-rsa", - "notes": "" - } - ] - } - }, - "informational": { - "add": { - "kex": [ - { - "name": "curve25519-sha256", - "notes": "" - }, - { - "name": "diffie-hellman-group16-sha512", - "notes": "" - }, - { - "name": "diffie-hellman-group18-sha512", - "notes": "" - } - ] - } - }, - "warning": { - "del": { - "mac": [ - { - "name": "hmac-sha2-256", - "notes": "" - }, - { - "name": "hmac-sha2-512", - "notes": "" - }, - { - "name": "umac-128@openssh.com", - "notes": "" - } - ] - } - } - }, - "target": "127.0.0.1:29683" -} \ No newline at end of file + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"] + } + }, + { + "algorithm": "kex-strict-s-v00@openssh.com", + "notes": { + "info": [ + "pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795)" + ] + } + } + ], + "key": [ + { + "algorithm": "rsa-sha2-512", + "keysize": 3072, + "notes": { "info": ["available since OpenSSH 7.2"] } + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 3072, + "notes": { "info": ["available since OpenSSH 7.2, Dropbear SSH 2020.79"] } + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency" + ], + "info": ["available since OpenSSH 5.7, Dropbear SSH 2013.62"], + "warn": ["using weak random number generator could reveal the key"] + } + }, + { + "algorithm": "ssh-ed25519", + "notes": { "info": ["available since OpenSSH 6.5, Dropbear SSH 2020.79"] } + } + ], + "mac": [ + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": { "info": ["available since OpenSSH 6.2"] } + }, + { + "algorithm": "umac-128@openssh.com", + "notes": { + "info": ["available since OpenSSH 6.2"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-512", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + }, + { + "algorithm": "hmac-sha2-256", + "notes": { + "info": ["available since OpenSSH 5.9, Dropbear SSH 2013.56"], + "warn": ["using encrypt-and-MAC mode"] + } + } + ], + "recommendations": { + "critical": { + "del": { + "kex": [ + { "name": "ecdh-sha2-nistp256", "notes": "" }, + { "name": "ecdh-sha2-nistp384", "notes": "" }, + { "name": "ecdh-sha2-nistp521", "notes": "" } + ], + "key": [{ "name": "ecdsa-sha2-nistp256", "notes": "" }] + } + }, + "informational": { + "add": { + "kex": [ + { "name": "curve25519-sha256", "notes": "" }, + { "name": "diffie-hellman-group16-sha512", "notes": "" }, + { "name": "diffie-hellman-group18-sha512", "notes": "" }, + { "name": "sntrup761x25519-sha512@openssh.com", "notes": "" } + ] + } + }, + "warning": { + "del": { + "mac": [ + { "name": "hmac-sha2-256", "notes": "" }, + { "name": "hmac-sha2-512", "notes": "" }, + { "name": "umac-128@openssh.com", "notes": "" } + ] + } + } + }, + "target": "127.0.0.1:29683" +} \ No newline at end of file diff --git a/scanners/ssh-audit/parser/parser.test.js b/scanners/ssh-audit/parser/parser.test.js index 5219829d94..3f30c70fec 100644 --- a/scanners/ssh-audit/parser/parser.test.js +++ b/scanners/ssh-audit/parser/parser.test.js @@ -10,7 +10,7 @@ const { const readFile = util.promisify(fs.readFile); -const {parse} = require("./parser"); +const { parse } = require("./parser"); test("ssh-audit parser parses a result into proper findings for dummy-ssh", async () => { const hosts = JSON.parse( @@ -21,326 +21,441 @@ test("ssh-audit parser parses a result into proper findings for dummy-ssh", asyn const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` - [ - { - "attributes": { - "compression_algorithms": [ - "none", - "zlib@openssh.com", - ], - "encryption_algorithms": [ - "chacha20-poly1305@openssh.com", - "aes128-ctr", - "aes192-ctr", - "aes256-ctr", - "aes128-gcm@openssh.com", - "aes256-gcm@openssh.com", - ], - "fingerprints": [ - { - "hash": "eLwgzyjvrpwDbDr+pDbIfUhlNANB4DPH9/0w1vGa87E", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519", - }, - { - "hash": "c8:65:6b:d1:59:03:56:21:d9:0f:84:83:ce:ac:40:86", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519", - }, - { - "hash": "MbRX/CgQyN6/p8/ZjORurfaJqDhu4VEIWfXo0BnxaCE", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa", - }, - { - "hash": "a5:6f:62:26:81:03:b7:5e:06:48:10:04:79:4b:ac:32", - "hash_alg": "MD5", - "hostkey": "ssh-rsa", - }, - ], - "hostname": "dummy-ssh.demo-targets.svc", - "ip_address": null, - "key_algorithms": [ - { - "algorithm": "ssh-rsa", - "keysize": 2048, - }, - { - "algorithm": "rsa-sha2-512", - "keysize": 2048, - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 2048, - }, - { - "algorithm": "ecdsa-sha2-nistp256", - }, - { - "algorithm": "ssh-ed25519", - }, - ], - "key_exchange_algorithms": [ - { - "algorithm": "curve25519-sha256@libssh.org", - }, - { - "algorithm": "ecdh-sha2-nistp256", - }, - { - "algorithm": "ecdh-sha2-nistp384", - }, - { - "algorithm": "ecdh-sha2-nistp521", - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048, - }, - { - "algorithm": "diffie-hellman-group14-sha1", - }, - ], - "mac_algorithms": [ - "umac-64-etm@openssh.com", - "umac-128-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1", - ], - "server_banner": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", - "ssh_lib_cpe": "OpenSSH_7.2p2", - "ssh_version": 2, - }, - "category": "SSH Service", - "description": "Information about Used SSH Algorithms", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "SSH Service", - "osi_layer": "APPLICATION", - "port": "22", - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "algorithms": [ - "diffie-hellman-group14-sha1", - "ecdh-sha2-nistp256", - "ecdh-sha2-nistp384", - "ecdh-sha2-nistp521", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH key exchange algorithms in use", - "location": "ssh://dummy-ssh.demo-targets.svc", - "mitigation": "Remove these KEX algorithms", - "name": "Insecure SSH KEX Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "ecdsa-sha2-nistp256", - "ssh-rsa", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH key algorithms in use", - "location": "ssh://dummy-ssh.demo-targets.svc", - "mitigation": "Remove these key algorithms", - "name": "Insecure SSH Key Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "hmac-sha1", - "hmac-sha1-etm@openssh.com", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH message authentication code algorithms in use", - "location": "ssh://dummy-ssh.demo-targets.svc", - "mitigation": "Remove these MAC algorithms", - "name": "Insecure SSH MAC Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "rsa-sha2-256 (Note: increase modulus size to 3072 bits or larger)", - "rsa-sha2-512 (Note: increase modulus size to 3072 bits or larger)", - ], - }, - "category": "SSH Policy Violation", - "description": "Weak SSH key algorithms in use", - "location": "ssh://dummy-ssh.demo-targets.svc", - "mitigation": "Change these key algorithms", - "name": "SSH Key Algorithms must be changed", - "severity": "MEDIUM", - }, - { - "attributes": { - "algorithms": [ - "hmac-sha2-256", - "hmac-sha2-512", - "umac-128@openssh.com", - "umac-64-etm@openssh.com", - "umac-64@openssh.com", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH message authentication code algorithms in use", - "location": "ssh://dummy-ssh.demo-targets.svc", - "mitigation": "Remove these MAC algorithms", - "name": "Insecure SSH MAC Algorithms", - "severity": "MEDIUM", - }, - { - "attributes": { - "cvssv2": 7, - }, - "category": "SSH Violation", - "description": "privilege escalation via supplemental groups", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "CVE-2021-41617", - "references": [ - { - "type": "CVE", - "value": "CVE-2021-41617", + [ + { + "attributes": { + "compression_algorithms": [ + "none", + "zlib@openssh.com", + ], + "encryption_algorithms": [ + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": { + "info": [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79", + ], + "warn": [ + "vulnerable to the Terrapin attack (CVE-2023-48795), allowing message prefix truncation", + ], + }, + }, + { + "algorithm": "aes128-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7, Dropbear SSH 0.52", + ], + }, + }, + { + "algorithm": "aes192-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7", + ], + }, + }, + { + "algorithm": "aes256-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7, Dropbear SSH 0.52", + ], + }, + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + ], + "fingerprints": [ + { + "hash": "pa+Jwax5syiezfL29o6j6uaWBoJeK/LZJ8OXUwPrE5A", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256", + }, + { + "hash": "f5:fb:82:83:cd:0e:1f:af:2a:45:17:0b:b7:3c:9f:ee", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256", + }, + { + "hash": "eLwgzyjvrpwDbDr+pDbIfUhlNANB4DPH9/0w1vGa87E", + "hash_alg": "SHA256", + "hostkey": "ssh-ed25519", + }, + { + "hash": "c8:65:6b:d1:59:03:56:21:d9:0f:84:83:ce:ac:40:86", + "hash_alg": "MD5", + "hostkey": "ssh-ed25519", + }, + { + "hash": "MbRX/CgQyN6/p8/ZjORurfaJqDhu4VEIWfXo0BnxaCE", + "hash_alg": "SHA256", + "hostkey": "ssh-rsa", + }, + { + "hash": "a5:6f:62:26:81:03:b7:5e:06:48:10:04:79:4b:ac:32", + "hash_alg": "MD5", + "hostkey": "ssh-rsa", + }, + ], + "hostname": "dummy-ssh.demo-targets.svc", + "ip_address": null, + "key_algorithms": [ + { + "algorithm": "ssh-rsa", + "keysize": 2048, + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm", + ], + "info": [ + "deprecated in OpenSSH 8.8: https://www.openssh.com/txt/release-8.8", + "available since OpenSSH 2.5.0, Dropbear SSH 0.28", + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, + }, + { + "algorithm": "rsa-sha2-512", + "keysize": 2048, + "notes": { + "info": [ + "available since OpenSSH 7.2", + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 2048, + "notes": { + "info": [ + "available since OpenSSH 7.2, Dropbear SSH 2020.79", + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + "warn": [ + "using weak random number generator could reveal the key", + ], + }, + }, + { + "algorithm": "ssh-ed25519", + "notes": { + "info": [ + "available since OpenSSH 6.5, Dropbear SSH 2020.79", + ], + }, + }, + ], + "key_exchange_algorithms": [ + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": { + "info": [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "diffie-hellman-group-exchange-sha256", + "keysize": 3072, + "notes": { + "info": [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4", + ], + }, + }, + { + "algorithm": "diffie-hellman-group14-sha1", + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm", + ], + "info": [ + "available since OpenSSH 3.9, Dropbear SSH 0.53", + ], + "warn": [ + "2048-bit modulus only provides 112-bits of symmetric strength", + ], + }, + }, + ], + "mac_algorithms": [ + { + "algorithm": "umac-64-etm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + "warn": [ + "using small 64-bit tag size", + ], + }, + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "hmac-sha1-etm@openssh.com", + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm", + ], + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "umac-64@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 4.7", + ], + "warn": [ + "using encrypt-and-MAC mode", + "using small 64-bit tag size", + ], + }, + }, + { + "algorithm": "umac-128@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + "warn": [ + "using encrypt-and-MAC mode", + ], + }, + }, + { + "algorithm": "hmac-sha2-256", + "notes": { + "info": [ + "available since OpenSSH 5.9, Dropbear SSH 2013.56", + ], + "warn": [ + "using encrypt-and-MAC mode", + ], + }, + }, + { + "algorithm": "hmac-sha2-512", + "notes": { + "info": [ + "available since OpenSSH 5.9, Dropbear SSH 2013.56", + ], + "warn": [ + "using encrypt-and-MAC mode", + ], + }, + }, + { + "algorithm": "hmac-sha1", + "notes": { + "fail": [ + "using broken SHA-1 hash algorithm", + ], + "info": [ + "available since OpenSSH 2.1.0, Dropbear SSH 0.28", + ], + "warn": [ + "using encrypt-and-MAC mode", + ], + }, + }, + ], + "server_banner": "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8", + "ssh_lib_cpe": "OpenSSH_7.2p2", + "ssh_version": "2.0", }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617", + "category": "SSH Service", + "description": "Information about Used SSH Algorithms", + "location": "ssh://dummy-ssh.demo-targets.svc", + "name": "SSH Service", + "osi_layer": "APPLICATION", + "port": "22", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "algorithms": [ + "diffie-hellman-group14-sha1", + "ecdh-sha2-nistp256", + "ecdh-sha2-nistp384", + "ecdh-sha2-nistp521", + ], }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 7.8, - }, - "category": "SSH Violation", - "description": "command injection via anomalous argument transfers", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "CVE-2020-15778", - "references": [ - { - "type": "CVE", - "value": "CVE-2020-15778", + "category": "SSH Policy Violation", + "description": "Discouraged SSH key exchange algorithms in use", + "location": "ssh://dummy-ssh.demo-targets.svc", + "mitigation": "Remove these KEX algorithms", + "name": "Insecure SSH KEX Algorithms", + "severity": "HIGH", + }, + { + "attributes": { + "algorithms": [ + "ecdsa-sha2-nistp256", + "ssh-rsa", + ], }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15778", + "category": "SSH Policy Violation", + "description": "Discouraged SSH key algorithms in use", + "location": "ssh://dummy-ssh.demo-targets.svc", + "mitigation": "Remove these key algorithms", + "name": "Insecure SSH Key Algorithms", + "severity": "HIGH", + }, + { + "attributes": { + "algorithms": [ + "hmac-sha1", + "hmac-sha1-etm@openssh.com", + ], }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 5.3, - }, - "category": "SSH Violation", - "description": "username enumeration via GS2", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "CVE-2018-15919", - "references": [ - { - "type": "CVE", - "value": "CVE-2018-15919", + "category": "SSH Policy Violation", + "description": "Discouraged SSH message authentication code algorithms in use", + "location": "ssh://dummy-ssh.demo-targets.svc", + "mitigation": "Remove these MAC algorithms", + "name": "Insecure SSH MAC Algorithms", + "severity": "HIGH", + }, + { + "attributes": { + "algorithms": [ + "rsa-sha2-256 (Note: increase modulus size to 3072 bits or larger)", + "rsa-sha2-512 (Note: increase modulus size to 3072 bits or larger)", + ], }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-15919", + "category": "SSH Policy Violation", + "description": "Weak SSH key algorithms in use", + "location": "ssh://dummy-ssh.demo-targets.svc", + "mitigation": "Change these key algorithms", + "name": "SSH Key Algorithms must be changed", + "severity": "MEDIUM", + }, + { + "attributes": { + "algorithms": [ + "chacha20-poly1305@openssh.com", + ], }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "cvssv2": 5.3, - }, - "category": "SSH Violation", - "description": "enumerate usernames due to timing discrepancies", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "CVE-2018-15473", - "references": [ - { - "type": "CVE", - "value": "CVE-2018-15473", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2018-15473", + "category": "SSH Policy Violation", + "description": "Discouraged SSH Encryption algorithms are in use", + "location": "ssh://dummy-ssh.demo-targets.svc", + "mitigation": "Remove these encryption algorithms", + "name": "Insecure SSH Encryption Algorithms", + "severity": "MEDIUM", + }, + { + "attributes": { + "algorithms": [ + "hmac-sha2-256", + "hmac-sha2-512", + "umac-128@openssh.com", + "umac-64-etm@openssh.com", + "umac-64@openssh.com", + ], }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "cvssv2": 5.3, - }, - "category": "SSH Violation", - "description": "enumerate usernames via challenge response", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "CVE-2016-20012", - "references": [ - { - "type": "CVE", - "value": "CVE-2016-20012", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-20012", - }, - ], - "severity": "MEDIUM", - }, - { - "attributes": { - "cvssv2": 7.8, - }, - "category": "SSH Violation", - "description": "cause DoS via long password string (crypt CPU consumption)", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "CVE-2016-6515", - "references": [ - { - "type": "CVE", - "value": "CVE-2016-6515", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-6515", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 7.2, - }, - "category": "SSH Violation", - "description": "privilege escalation via triggering crafted environment", - "location": "ssh://dummy-ssh.demo-targets.svc", - "name": "CVE-2015-8325", - "references": [ - { - "type": "CVE", - "value": "CVE-2015-8325", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2015-8325", - }, - ], - "severity": "HIGH", - }, - ] + "category": "SSH Policy Violation", + "description": "Discouraged SSH message authentication code algorithms in use", + "location": "ssh://dummy-ssh.demo-targets.svc", + "mitigation": "Remove these MAC algorithms", + "name": "Insecure SSH MAC Algorithms", + "severity": "MEDIUM", + }, + ] `); }); @@ -356,303 +471,6 @@ test("should properly parse empty json file", async () => { expect(findings).toMatchInlineSnapshot(`[]`); }); -test("ssh-audit parser parses a result into proper findings for an example", async () => { - const hosts = JSON.parse( - await readFile(__dirname + "/__testFiles__/example.json", { - encoding: "utf8", - }) - ); - const findings = await parse(hosts); - await expect(validateParser(findings)).resolves.toBeUndefined(); - expect(findings).toMatchInlineSnapshot(` - [ - { - "attributes": { - "compression_algorithms": [ - "none", - "zlib@openssh.com", - ], - "encryption_algorithms": [ - "chacha20-poly1305@openssh.com", - "aes128-ctr", - "aes192-ctr", - "aes256-ctr", - "aes128-gcm@openssh.com", - "aes256-gcm@openssh.com", - ], - "fingerprints": [ - { - "hash": "Qljt15P0hpcQdSrAZVME1Vj5fsX/LgKBDtfT7k6T66Q", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519", - }, - { - "hash": "d7:0b:7f:bb:5c:2b:1d:44:1d:63:5a:1d:3c:18:a2:e6", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519", - }, - { - "hash": "rn+kjXUflGJzrCx7tIGGiJWMFS8gjwy5vFJzxXqK6Nk", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa", - }, - { - "hash": "49:bd:b5:a9:3b:6e:cc:4a:59:69:e6:06:e9:d7:13:4a", - "hash_alg": "MD5", - "hostkey": "ssh-rsa", - }, - ], - "hostname": "example.com", - "ip_address": null, - "key_algorithms": [ - { - "algorithm": "rsa-sha2-512", - "keysize": 2048, - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 2048, - }, - { - "algorithm": "ssh-rsa", - "keysize": 2048, - }, - { - "algorithm": "ecdsa-sha2-nistp256", - }, - { - "algorithm": "ssh-ed25519", - }, - ], - "key_exchange_algorithms": [ - { - "algorithm": "curve25519-sha256", - }, - { - "algorithm": "curve25519-sha256@libssh.org", - }, - { - "algorithm": "ecdh-sha2-nistp256", - }, - { - "algorithm": "ecdh-sha2-nistp384", - }, - { - "algorithm": "ecdh-sha2-nistp521", - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048, - }, - { - "algorithm": "diffie-hellman-group16-sha512", - }, - { - "algorithm": "diffie-hellman-group18-sha512", - }, - { - "algorithm": "diffie-hellman-group14-sha256", - }, - { - "algorithm": "diffie-hellman-group14-sha1", - }, - ], - "mac_algorithms": [ - "umac-64-etm@openssh.com", - "umac-128-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "hmac-sha2-512-etm@openssh.com", - "hmac-sha1-etm@openssh.com", - "umac-64@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-256", - "hmac-sha2-512", - "hmac-sha1", - ], - "server_banner": "SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1", - "ssh_lib_cpe": "OpenSSH_7.9p1", - "ssh_version": 2, - }, - "category": "SSH Service", - "description": "Information about Used SSH Algorithms", - "location": "ssh://example.com", - "name": "SSH Service", - "osi_layer": "APPLICATION", - "port": "22", - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "algorithms": [ - "diffie-hellman-group14-sha1", - "ecdh-sha2-nistp256", - "ecdh-sha2-nistp384", - "ecdh-sha2-nistp521", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH key exchange algorithms in use", - "location": "ssh://example.com", - "mitigation": "Remove these KEX algorithms", - "name": "Insecure SSH KEX Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "ecdsa-sha2-nistp256", - "ssh-rsa", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH key algorithms in use", - "location": "ssh://example.com", - "mitigation": "Remove these key algorithms", - "name": "Insecure SSH Key Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "hmac-sha1", - "hmac-sha1-etm@openssh.com", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH message authentication code algorithms in use", - "location": "ssh://example.com", - "mitigation": "Remove these MAC algorithms", - "name": "Insecure SSH MAC Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "rsa-sha2-256 (Note: increase modulus size to 3072 bits or larger)", - "rsa-sha2-512 (Note: increase modulus size to 3072 bits or larger)", - ], - }, - "category": "SSH Policy Violation", - "description": "Weak SSH key algorithms in use", - "location": "ssh://example.com", - "mitigation": "Change these key algorithms", - "name": "SSH Key Algorithms must be changed", - "severity": "MEDIUM", - }, - { - "attributes": { - "algorithms": [ - "diffie-hellman-group14-sha256", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH key exchange algorithms in use", - "location": "ssh://example.com", - "mitigation": "Remove these KEX algorithms", - "name": "Insecure SSH KEX Algorithms", - "severity": "MEDIUM", - }, - { - "attributes": { - "algorithms": [ - "hmac-sha2-256", - "hmac-sha2-512", - "umac-128@openssh.com", - "umac-64-etm@openssh.com", - "umac-64@openssh.com", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH message authentication code algorithms in use", - "location": "ssh://example.com", - "mitigation": "Remove these MAC algorithms", - "name": "Insecure SSH MAC Algorithms", - "severity": "MEDIUM", - }, - { - "attributes": { - "cvssv2": 7, - }, - "category": "SSH Violation", - "description": "privilege escalation via supplemental groups", - "location": "ssh://example.com", - "name": "CVE-2021-41617", - "references": [ - { - "type": "CVE", - "value": "CVE-2021-41617", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 7.8, - }, - "category": "SSH Violation", - "description": "command injection via anomalous argument transfers", - "location": "ssh://example.com", - "name": "CVE-2020-15778", - "references": [ - { - "type": "CVE", - "value": "CVE-2020-15778", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15778", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 7.8, - }, - "category": "SSH Violation", - "description": "memory corruption and local code execution via pre-authentication integer overflow", - "location": "ssh://example.com", - "name": "CVE-2019-16905", - "references": [ - { - "type": "CVE", - "value": "CVE-2019-16905", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2019-16905", - }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 5.3, - }, - "category": "SSH Violation", - "description": "enumerate usernames via challenge response", - "location": "ssh://example.com", - "name": "CVE-2016-20012", - "references": [ - { - "type": "CVE", - "value": "CVE-2016-20012", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-20012", - }, - ], - "severity": "MEDIUM", - }, - ] - `); -}); - test("ssh-audit parser parses a result into proper findings for an example with given port", async () => { const hosts = JSON.parse( await readFile(__dirname + "/__testFiles__/portExample.json", { @@ -662,221 +480,331 @@ test("ssh-audit parser parses a result into proper findings for an example with const findings = await parse(hosts); await expect(validateParser(findings)).resolves.toBeUndefined(); expect(findings).toMatchInlineSnapshot(` - [ - { - "attributes": { - "compression_algorithms": [ - "none", - ], - "encryption_algorithms": [ - "chacha20-poly1305@openssh.com", - "aes256-gcm@openssh.com", - "aes128-gcm@openssh.com", - "aes256-ctr", - "aes192-ctr", - "aes128-ctr", - ], - "fingerprints": [ - { - "hash": "zDyiQDFSdBbKGL0vFgMWa0cdEI1R4QGtkEMHY/BlqT0", - "hash_alg": "SHA256", - "hostkey": "ssh-ed25519", - }, - { - "hash": "c8:2c:ee:3b:bc:ae:0e:8b:0d:6f:f2:b6:77:25:69:aa", - "hash_alg": "MD5", - "hostkey": "ssh-ed25519", - }, - { - "hash": "khLYpAPy+wFXAh+p6PBgNrmO4Qjs0KIDBuyb83m/1j4", - "hash_alg": "SHA256", - "hostkey": "ssh-rsa", - }, - { - "hash": "62:b4:fe:be:11:54:61:6b:c3:b8:e4:98:f3:41:84:73", - "hash_alg": "MD5", - "hostkey": "ssh-rsa", - }, - ], - "hostname": null, - "ip_address": "127.0.0.1", - "key_algorithms": [ - { - "algorithm": "rsa-sha2-512", - "keysize": 3072, - }, - { - "algorithm": "rsa-sha2-256", - "keysize": 3072, - }, - { - "algorithm": "ssh-rsa", - "keysize": 3072, - }, - { - "algorithm": "ecdsa-sha2-nistp256", - }, - { - "algorithm": "ssh-ed25519", - }, - ], - "key_exchange_algorithms": [ - { - "algorithm": "curve25519-sha256@libssh.org", - }, - { - "algorithm": "diffie-hellman-group-exchange-sha256", - "keysize": 2048, - }, - { - "algorithm": "ecdh-sha2-nistp521", - }, - { - "algorithm": "ecdh-sha2-nistp384", - }, - { - "algorithm": "ecdh-sha2-nistp256", - }, - ], - "mac_algorithms": [ - "hmac-sha2-512-etm@openssh.com", - "hmac-sha2-256-etm@openssh.com", - "umac-128-etm@openssh.com", - "umac-128@openssh.com", - "hmac-sha2-512", - "hmac-sha2-256", - ], - "server_banner": "SSH-2.0-OpenSSH_8.2p1", - "ssh_lib_cpe": "OpenSSH_8.2p1", - "ssh_version": 2, - }, - "category": "SSH Service", - "description": "Information about Used SSH Algorithms", - "location": "ssh://127.0.0.1", - "name": "SSH Service", - "osi_layer": "APPLICATION", - "port": "29683", - "severity": "INFORMATIONAL", - }, - { - "attributes": { - "algorithms": [ - "ecdh-sha2-nistp256", - "ecdh-sha2-nistp384", - "ecdh-sha2-nistp521", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH key exchange algorithms in use", - "location": "ssh://127.0.0.1", - "mitigation": "Remove these KEX algorithms", - "name": "Insecure SSH KEX Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "ecdsa-sha2-nistp256", - "ssh-rsa", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH key algorithms in use", - "location": "ssh://127.0.0.1", - "mitigation": "Remove these key algorithms", - "name": "Insecure SSH Key Algorithms", - "severity": "HIGH", - }, - { - "attributes": { - "algorithms": [ - "curve25519-sha256", - "diffie-hellman-group16-sha512", - "diffie-hellman-group18-sha512", - ], - }, - "category": "SSH Policy Violation", - "description": "SSH key exchange algorithms missing", - "location": "ssh://127.0.0.1", - "mitigation": "Add these KEX algorithms", - "name": "SSH KEX Algorithms must be added", - "severity": "LOW", - }, - { - "attributes": { - "algorithms": [ - "hmac-sha2-256", - "hmac-sha2-512", - "umac-128@openssh.com", - ], - }, - "category": "SSH Policy Violation", - "description": "Discouraged SSH message authentication code algorithms in use", - "location": "ssh://127.0.0.1", - "mitigation": "Remove these MAC algorithms", - "name": "Insecure SSH MAC Algorithms", - "severity": "MEDIUM", - }, - { - "attributes": { - "cvssv2": 7, - }, - "category": "SSH Violation", - "description": "privilege escalation via supplemental groups", - "location": "ssh://127.0.0.1", - "name": "CVE-2021-41617", - "references": [ - { - "type": "CVE", - "value": "CVE-2021-41617", + [ + { + "attributes": { + "compression_algorithms": [ + "none", + ], + "encryption_algorithms": [ + { + "algorithm": "chacha20-poly1305@openssh.com", + "notes": { + "info": [ + "default cipher since OpenSSH 6.9", + "available since OpenSSH 6.5, Dropbear SSH 2020.79", + ], + }, + }, + { + "algorithm": "aes256-gcm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "aes128-gcm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "aes256-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7, Dropbear SSH 0.52", + ], + }, + }, + { + "algorithm": "aes192-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7", + ], + }, + }, + { + "algorithm": "aes128-ctr", + "notes": { + "info": [ + "available since OpenSSH 3.7, Dropbear SSH 0.52", + ], + }, + }, + ], + "fingerprints": [ + { + "hash": "WrPtjtUCUKDiCnCXydph/tHIISUeJiLMLwdBLpfI2KU", + "hash_alg": "SHA256", + "hostkey": "ecdsa-sha2-nistp256", + }, + { + "hash": "ed:ea:4c:10:1a:37:41:5f:dd:84:29:4b:ba:ab:8a:27", + "hash_alg": "MD5", + "hostkey": "ecdsa-sha2-nistp256", + }, + { + "hash": "zDyiQDFSdBbKGL0vFgMWa0cdEI1R4QGtkEMHY/BlqT0", + "hash_alg": "SHA256", + "hostkey": "ssh-ed25519", + }, + { + "hash": "c8:2c:ee:3b:bc:ae:0e:8b:0d:6f:f2:b6:77:25:69:aa", + "hash_alg": "MD5", + "hostkey": "ssh-ed25519", + }, + { + "hash": "khLYpAPy+wFXAh+p6PBgNrmO4Qjs0KIDBuyb83m/1j4", + "hash_alg": "SHA256", + "hostkey": "ssh-rsa", + }, + { + "hash": "62:b4:fe:be:11:54:61:6b:c3:b8:e4:98:f3:41:84:73", + "hash_alg": "MD5", + "hostkey": "ssh-rsa", + }, + ], + "hostname": null, + "ip_address": "127.0.0.1", + "key_algorithms": [ + { + "algorithm": "rsa-sha2-512", + "keysize": 3072, + "notes": { + "info": [ + "available since OpenSSH 7.2", + ], + }, + }, + { + "algorithm": "rsa-sha2-256", + "keysize": 3072, + "notes": { + "info": [ + "available since OpenSSH 7.2, Dropbear SSH 2020.79", + ], + }, + }, + { + "algorithm": "ecdsa-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + "warn": [ + "using weak random number generator could reveal the key", + ], + }, + }, + { + "algorithm": "ssh-ed25519", + "notes": { + "info": [ + "available since OpenSSH 6.5, Dropbear SSH 2020.79", + ], + }, + }, + ], + "key_exchange_algorithms": [ + { + "algorithm": "curve25519-sha256@libssh.org", + "notes": { + "info": [ + "default key exchange from OpenSSH 6.5 to 7.3", + "available since OpenSSH 6.4, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "diffie-hellman-group-exchange-sha256", + "keysize": 3072, + "notes": { + "info": [ + "OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 3072. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).", + "available since OpenSSH 4.4", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp521", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp384", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "ecdh-sha2-nistp256", + "notes": { + "fail": [ + "using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency", + ], + "info": [ + "available since OpenSSH 5.7, Dropbear SSH 2013.62", + ], + }, + }, + { + "algorithm": "kex-strict-s-v00@openssh.com", + "notes": { + "info": [ + "pseudo-algorithm that denotes the peer supports a stricter key exchange method as a counter-measure to the Terrapin attack (CVE-2023-48795)", + ], + }, + }, + ], + "mac_algorithms": [ + { + "algorithm": "hmac-sha2-512-etm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "hmac-sha2-256-etm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "umac-128-etm@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + }, + }, + { + "algorithm": "umac-128@openssh.com", + "notes": { + "info": [ + "available since OpenSSH 6.2", + ], + "warn": [ + "using encrypt-and-MAC mode", + ], + }, + }, + { + "algorithm": "hmac-sha2-512", + "notes": { + "info": [ + "available since OpenSSH 5.9, Dropbear SSH 2013.56", + ], + "warn": [ + "using encrypt-and-MAC mode", + ], + }, + }, + { + "algorithm": "hmac-sha2-256", + "notes": { + "info": [ + "available since OpenSSH 5.9, Dropbear SSH 2013.56", + ], + "warn": [ + "using encrypt-and-MAC mode", + ], + }, + }, + ], + "server_banner": "SSH-2.0-OpenSSH_8.9p1", + "ssh_lib_cpe": "OpenSSH_8.9p1", + "ssh_version": "2.0", }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2021-41617", + "category": "SSH Service", + "description": "Information about Used SSH Algorithms", + "location": "ssh://127.0.0.1", + "name": "SSH Service", + "osi_layer": "APPLICATION", + "port": "29683", + "severity": "INFORMATIONAL", + }, + { + "attributes": { + "algorithms": [ + "ecdh-sha2-nistp256", + "ecdh-sha2-nistp384", + "ecdh-sha2-nistp521", + ], }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 7.8, - }, - "category": "SSH Violation", - "description": "command injection via anomalous argument transfers", - "location": "ssh://127.0.0.1", - "name": "CVE-2020-15778", - "references": [ - { - "type": "CVE", - "value": "CVE-2020-15778", - }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2020-15778", + "category": "SSH Policy Violation", + "description": "Discouraged SSH key exchange algorithms in use", + "location": "ssh://127.0.0.1", + "mitigation": "Remove these KEX algorithms", + "name": "Insecure SSH KEX Algorithms", + "severity": "HIGH", + }, + { + "attributes": { + "algorithms": [ + "ecdsa-sha2-nistp256", + ], }, - ], - "severity": "HIGH", - }, - { - "attributes": { - "cvssv2": 5.3, - }, - "category": "SSH Violation", - "description": "enumerate usernames via challenge response", - "location": "ssh://127.0.0.1", - "name": "CVE-2016-20012", - "references": [ - { - "type": "CVE", - "value": "CVE-2016-20012", + "category": "SSH Policy Violation", + "description": "Discouraged SSH key algorithms in use", + "location": "ssh://127.0.0.1", + "mitigation": "Remove these key algorithms", + "name": "Insecure SSH Key Algorithms", + "severity": "HIGH", + }, + { + "attributes": { + "algorithms": [ + "curve25519-sha256", + "diffie-hellman-group16-sha512", + "diffie-hellman-group18-sha512", + "sntrup761x25519-sha512@openssh.com", + ], }, - { - "type": "URL", - "value": "https://nvd.nist.gov/vuln/detail/CVE-2016-20012", + "category": "SSH Policy Violation", + "description": "SSH key exchange algorithms missing", + "location": "ssh://127.0.0.1", + "mitigation": "Add these KEX algorithms", + "name": "SSH KEX Algorithms must be added", + "severity": "LOW", + }, + { + "attributes": { + "algorithms": [ + "hmac-sha2-256", + "hmac-sha2-512", + "umac-128@openssh.com", + ], }, - ], - "severity": "MEDIUM", - }, - ] + "category": "SSH Policy Violation", + "description": "Discouraged SSH message authentication code algorithms in use", + "location": "ssh://127.0.0.1", + "mitigation": "Remove these MAC algorithms", + "name": "Insecure SSH MAC Algorithms", + "severity": "MEDIUM", + }, + ] `); });