[ubuntu] Working prototype to exploit recent OpenSSL vulnerability?



kevdog
June 8th, 2008, 11:41 PM
Wondering if anyone has script or program to actually exploit the recently discovered OpenSSL vulnerability -- specifically in regards to OpenSSH. I'd like to test my own systems and gather some benchmarks about how long it would actually take to crack my own SSH server. Any links would be appreciated.

brian_p
June 9th, 2008, 12:58 AM
> Wondering if anyone has script or program to actually exploit the recently discovered OpenSSL vulnerability -- specifically in regards to OpenSSH. I'd like to test my own systems and gather some benchmarks about how long it would actually take to crack my own SSH server. Any links would be appreciated.

http://www.astalavista.com/index.php?section=exploits&cmd=details&id=5707

kevdog
June 9th, 2008, 01:15 AM
Will this work with keys other than those provided?

HalPomeranz
June 9th, 2008, 03:38 AM
See also:

http://www.metasploit.com/users/hdm/tools/debian-openssl/

This page has links to the tools HD used to generate the keys. If you need to create keys for a different architecture, you should be able to use HD's original scripts.

The above page also has links to a couple of brute-forcing tools that use the pre-computed keys, including:

http://milw0rm.com/exploits/5622 (linked in the post above)
http://metasploit.com/users/hdm/tools/debian-openssl/debian_openssh_key_tester.rb

kevdog
June 9th, 2008, 04:30 AM
Good links and explanations, particularly in the first link. I'm going to see if I can do this. Just curious, anyplace to get the Openssl/openssh compromised source so I could install the bad version in Hardy to create compromised keys?

Or can someone just post some compromised keys that they generated that I could try?

brian_p
June 9th, 2008, 09:43 AM
> Just curious, anyplace to get the Openssl/openssh compromised source so I could install the bad version in Hardy to create compromised keys?

Sources or .debs? A .deb for etch1 is at

http://debian.mirror.inra.fr/debian/pool/main/o/openssl/