check for vulnerable debian ssh keys

m-1-k-3 · #1 (**permalink**) 03-11-2009, 10:36 AM

Hey,

to check a system (with sshd running) for the debian ssh vulnerbility (CVE-2008-0166) you can use debian_ssh_scan_v4 [1] and paramiko [2].

* download [1] and [2] and unzip them.
* change to the paramiko directory and install paramiko with "python setup.py install"
* change to the debian_ssh_scan_v4 directory
* run it with
"cat SSH-IPs.txt | ./debian_ssh_scan_v4.py"
or
"./debian_ssh_scan_v4.py <IP>"

hf
m-1-k-3

[1]: http://itsecurity.net/
[2]: http://www.lag.net/paramiko/

secure_it · #2 (**permalink**) 03-11-2009, 11:53 AM

you have posted this in BT3 section which is slackware based & the vulnerability addresses debian OS based host,which is BT4.

m-1-k-3 · #3 (**permalink**) 03-11-2009, 11:59 AM

Quote:

Originally Posted by secure_it

you have posted this in BT3 section which is slackware based & the vulnerability addresses debian OS based host,which is BT4.

For sure. BT3 is the auditing device and the HowTo it is for auditing any Linux system which has SSH enabled.

m-1-k-3

theprez98 · #4 (**permalink**) 03-11-2009, 12:40 PM

Quote:

Originally Posted by secure_it

you have posted this in BT3 section which is slackware based & the vulnerability addresses debian OS based host,which is BT4.

This scans for vulnerable clients. The host whether BT3/Slackware or BT4/Ubuntu does not make a difference.

secure_it · #5 (**permalink**) 03-11-2009, 01:05 PM

Ya that I know,I saw that in example.I was just pointing he done with BT3 while BT4 already out.just like that.

m-1-k-3 · #6 (**permalink**) 03-12-2009, 01:19 AM

Quote:

Originally Posted by secure_it

Ya that I know,I saw that in example.I was just pointing he done with BT3 while BT4 already out.just like that.

BT4 is in beta and so the stable release is BT3. I've tested it also on B4 ... same steps

m-1-k-3

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode