Remote host key scanner for Debian SSH - updated 2008-05-16

debian_ssh_scan_v4.tar.bz2 [3.8 MB] (SHA1 0d82ffbbb980000b804cacfad1925f9242471a83)

Now includes fingerprints of all weak DSA 1024 + RSA 2048 and RSA 1023 / 1024 / 2047 / 4096 / 8192 bit keys (201691 fingerprints in total).

Runs multi-threaded if a list of targets is supplied on stdin.

# debian_ssh_scan.py v4
#
# Remote check for weak Debian sshd host keys (CVE-2008-0166, http://www.debian.org/security/2008/dsa-1571) by Hubert Seiwert 2008-05-16.
# Fingerprints taken from keys generated by HD Moore (http://metasploit.com/users/hdm/tools/debian-openssl/)
# Multi-threading code contributed by Justin Azoff. Tested with Python 2.5.2 and Paramiko 1.7.3.
#
# Give 1 target on the commandline or multiple targets on stdin
#
# ./debian_ssh_scan_v4.py 10.128.62.4
# 201691 fingerprints loaded.
# 10.128.62.4:22 sshd fingerprint c0e7aa69a6a2d7d96dfe07f168985d72 VULNERABLE (RSA 2048 bit key, pid 1626)
#
# cat targets.txt | ./debian_ssh_scan_v4.py
# 201691 fingerprints loaded.
# 127.0.0.1:22 sshd fingerprint 97382c98fe3d45fa779abd34bb65fb73 VULNERABLE (RSA 2048 bit key, pid 5214)
# 10.128.62.4:22 sshd fingerprint 9cf71acb1b0dff0dceef4f755f721e9d VULNERABLE (RSA 2048 bit key, pid 5252)
# test.ath.cx:9822 sshd fingerprint 3343c8ec72712a6b2ceee10ef1785e84 unknown

Requires the paramiko python ssh module.


Contact: hubert at itsecurity.net.