Skip to content

defensahacker/debian-weak-ssh

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
rsa/2048
rsa/2048
 
 
ssh-blacklist
ssh-blacklist
 
 
CVE-2008-0166-Debian-ssh-PRNG.py
CVE-2008-0166-Debian-ssh-PRNG.py
 
 
README.md
README.md
 
 
ssh-vulnkey
ssh-vulnkey
 
 

Repository files navigation

cve-2008-0116 only is exploitable if the vulnerable machine has the public key in authorized_keys file! or MITM passive

download or locate debian_ssh_rsa (1024 and 2048) https://hdm.io/tools/debian-openssl/debian_ssh_dsa_1024_x86.tar.bz2 https://hdm.io/tools/debian-openssl/debian_ssh_rsa_2048_x86.tar.bz2 https://hdm.io/tools/debian-openssl/debian_ssh_rsa_1023_x86.tar.bz2 https://hdm.io/tools/debian-openssl/debian_ssh_rsa_1024_x86.tar.bz2 https://hdm.io/tools/debian-openssl/debian_ssh_rsa_4096_x86.tar.bz2

try it with ubuntu 8.04 [800 MB]

get privkey of vulnerable key: COMPROMISED: 2048 5c:10:8a:c0:55:8c:1f:d9:4b:05:f0:35:0a:0d:2f:5c /home/someuser/.ssh/authorized_keys

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages