Skip to content
This repository was archived by the owner on Jul 21, 2025. It is now read-only.
This repository was archived by the owner on Jul 21, 2025. It is now read-only.

not detecting some diffie-hellman kex algorithms #23

Open
Open
not detecting some diffie-hellman kex algorithms#23
@IV2KBMoFxYIA

Description

@IV2KBMoFxYIA
IV2KBMoFxYIA
opened on Sep 8, 2022

an nmap scan for a server shows

Not shown: 822 closed tcp ports (conn-refused), 177 filtered tcp ports (no-response)
PORT   STATE SERVICE
22/tcp open  ssh
| ssh2-enum-algos: 
|   kex_algorithms: (12)
|       curve25519-sha256
|       curve25519-sha256@libssh.org
|       ecdh-sha2-nistp256
|       ecdh-sha2-nistp384
|       ecdh-sha2-nistp521
|       diffie-hellman-group-exchange-sha256
|       diffie-hellman-group16-sha512
|       diffie-hellman-group18-sha512
|       diffie-hellman-group-exchange-sha1
|       diffie-hellman-group14-sha256
|       diffie-hellman-group14-sha1
|       diffie-hellman-group1-sha1

shows on sshscan as


[+] Detected the following ciphers: 
            chacha20-poly1305@openssh.com        aes128-cbc                           
            aes128-ctr                           aes192-cbc                           
            aes192-ctr                           aes256-cbc                           
            aes256-ctr                           blowfish-cbc                         
            aes128-gcm@openssh.com               cast128-cbc                          
            aes256-gcm@openssh.com               3des-cbc                             


    [+] Detected the following KEX algorithms: 
            curve25519-sha256                    ecdh-sha2-nistp25                    
            curve25519-sha256@libssh.org                                              


    [+] Detected the following MACs: 
            umac-64-etm@openssh.com              umac-64@openssh.com                  
            umac-128-etm@openssh.com             umac-128@openssh.com                 
            hmac-sha2-256-etm@openssh.com        hmac-sha2-256                        
            hmac-sha2-512-etm@openssh.com        hmac-sha2-512                        
            hmac-sha1-etm@openssh.com            hmac-sha1                            


    [+] Detected the following HostKey algorithms: 
            ssh-rsa                              ecdsa-sha2-nistp256                  
            rsa-sha2-512                         ssh-ed25519                          
            rsa-sha2-256                                                              


    [+] Target SSH version is: SSH-2.0-OpenSSH_7.4
    [+] Retrieving ciphers...
    [+] Detected the following weak ciphers: 
            aes128-cbc                           blowfish-cbc                         
            aes192-cbc                           cast128-cbc                          
            aes256-cbc                           3des-cbc                             


    [+] Detected the following weak KEX algorithms: 
            ecdh-sha2-nistp25                                                         


    [+] Detected the following weak MACs: 
            umac-64-etm@openssh.com              umac-64@openssh.com                  
            hmac-sha1-etm@openssh.com            hmac-sha1                            


    [+] Detected the following weak HostKey algorithms: 
            rsa-sha2-512                         ecdsa-sha2-nistp256                  
            rsa-sha2-256                                                              


    [+] Compression has been enabled!

Notice that the diffie-hellman-group1-sha1 and others like it do not show on the sshscan output.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions