[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: SSH Weak Key Exchange Algorithms Enabled on UniFi Wireless Access Points
From: Alexander Dahl <ada () thorsis ! com>
Date: 2022-10-28 5:49:50
Message-ID: Y1ttfi+7D3Kk5Upi () ada ! ifak-system ! com
[Download RAW message or body]
Hei hei,
Am Thu, Oct 27, 2022 at 09:17:40PM +0800 schrieb Turritopsis Dohrnii Teo En Ming:
> On Thu, 27 Oct 2022 at 21:14, Markus Gothe <nietzsche@lysator.liu.se> wrote:
>
> > Hi, you are unfortunately reaching out to the wrong people. BusyBox does
> > NOT provide a ssh server.
> >
> > Please contact the manufacturer of the product.
> >
> > //Markus
> >
> > Sent via BlackBerry Hub+ Inbox for Android
> > <http://play.google.com/store/apps/details?id=com.blackberry.hub>
> >
>
> Noted with thanks. I will contact Ubiquiti.
You can certainly do that, but it is usually not that hard to find out
which ssh software the remote server is running. You could try
ssh -v root@host
and would get something like this:
debug1: Local version string SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u1
debug1: Remote protocol version 2.0, remote software version dropbear
debug1: no match: dropbear
Or this:
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1 Debian-5+deb11u1
debug1: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH* compat 0x04000000
Another possibility would be to use nmap with the option -sV and you
would get something like this:
PORT STATE SERVICE VERSION
22/tcp open ssh Dropbear sshd (protocol 2.0)
MAC Address: 74:AC:B9:66:04:74 (Ubiquiti Networks)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Or this:
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.4p1 Debian 5+deb11u1 (protocol 2.0)
MAC Address: 00:0C:29:4E:BE:9E (VMware)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
Note: one of the devices I tried here is a Unifi AP AC-Lite. ;-)
Greets
Alex
>
>
> > *From:* tdtemccnp@gmail.com
> > *Sent:* 27 October 2022 15:02
> > *To:* busybox@busybox.net
> > *Cc:* ceo@teo-en-ming-corp.com
> > *Subject:* SSH Weak Key Exchange Algorithms Enabled on UniFi Wireless
> > Access Points
> >
> > Subject: SSH Weak Key Exchange Algorithms Enabled on UniFi Wireless Access
> > Points
> >
> > Good day from Singapore,
> >
> > I have discovered that UniFi Wireless Access Points are powered by Busybox.
> >
> > Vulnerability scanning of my client's corporate network shows SSH weak key
> > exchange algorithms enabled on UniFi wireless access points.
> >
> > Article: SSH WEAK KEY EXCHANGE ALGORITHMS ENABLED
> > Link:
> > https://www.virtuesecurity.com/kb/ssh-weak-key-exchange-algorithms-enabled/
> >
> > According to the above article, we must make changes to
> > /etc/sshd/sshd_config, especially the KexAlgorithms directive.
> >
> > However, when I putty/SSH into Busybox, I cannot find the file
> > /etc/sshd/sshd_config. What SSH server is running inside Busybox?
> >
> > How can I make changes to the SSH server within Busybox so that I can
> > disable the SSH weak key exchange algorithms?
> >
> > Please advise.
> >
> > Thank you.
> >
> > By the way, I also noticed that Hikvision Face Recognition Terminal Door
> > Access Systems are also powered by Busybox.
> >
> > I am doing this for an investment company at Keppel Road, Singapore.
> >
> > Regards,
> >
> > Mr. Turritopsis Dohrnii Teo En Ming
> > Targeted Individual in Singapore
> > Blogs:
> > https://tdtemcerts.blogspot.com
> > https://tdtemcerts.wordpress.com
> >
> >
> >
> >
> _______________________________________________
> busybox mailing list
> busybox@busybox.net
> http://lists.busybox.net/mailman/listinfo/busybox
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic