An analysis of Censys Public Scan 20180807 (only port 22) to estimate the number of servers {potentially} vulnerable to the recent Libssh bug.
- CVE-2018-10933 Advisory
- Exploit - Patched Libssh Client
- CVE-2018-10933-test
- libSSH-Authentication-Bypass
- HASSH - an SSH client/server profiling method
- ssh-hassh nmap script
- Censys data
- Hunt for and Exploit the libSSH Authentication Bypass
- A sample Shodan filter:
product:libssh port:22,2222 ssh.hassh:489e30454fb8c5bdc15e54b24a80d109
| hasshServer | Server Identification String | Count |
|---|---|---|
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 | 1076 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 | 406 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.3 | 321 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.2 | 51 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 | 22 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 | 16 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.3 | 8 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-libssh-0.7.1 | 6 |
| hasshServer | Server Identification String | Count |
|---|---|---|
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 | 1076 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.3 | 442 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 | 406 |
| 6b52d83483f50b8f01f406a47b0c730c | SSH-2.0-libssh_0.7.0 | 131 |
| 6e3fb87b7382dbced382641f012ced5e | SSH-2.0-libssh-0.7.0 | 98 |
| 525f9e1788267b077b6e2b2529492905 | SSH-2.0-libssh-0.7.0 | 74 |
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-libssh-0.7.2, SSH-2.0-libssh-0.7.3 | 59 |
| bf8ae9cb26a1222fe7b9323edd6f8814 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.1, SSH-2.0-libssh-0.6.3 | 37 |
| 85a34ecc072b7fee11a05e8208ffc2a2 | SSH-2.0-libssh_0.7.0 | 33 |
| 3cec38e362b52f605c3f619d2fa898a9 | SSH-2.0-libssh-0.6.0 | 28 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 | 22 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 | 16 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.7.0, SSH-2.0-libssh-0.7.1 | 15 |
| a3c5503aaac766fe70067eb7d7114046 | SSH-2.0-libssh_0.7.5 | 8 |
| a957df03ca15a1f0f532f55cb031d4a0 | SSH-2.0-libssh-0.6.3 | 6 |
| ff0e73523bfc6173fc6029705689efa5 | SSH-2.0-libssh_0.7.5 | 5 |
| 59553fa7f7cd28b35246771fa9a493ea | SSH-2.0-libssh-0.7.3 | 3 |
| 9e706fd7cb4747756448bbc74e27220b | SSH-2.0-libssh-0.6.0 | 2 |
| 7f0ad9c1c1b97136bb439aee56427bea | SSH-2.0-libssh-0.7.2 | 1 |
| c5e3f21bfd616e32afee0563dc27880d | SSH-2.0-libssh-0.7.3 | 1 |
| hasshServer | Server Identification String |
|---|---|
| 489e30454fb8c5bdc15e54b24a80d109 | SSH-2.0-libssh-0.6.0 |
| 300791d5ac0d0fe0c11c7591e1216691 | SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.3 |
| 5415e306f43f87ee2a5b9e5211eaefac | SSH-2.0-libssh_0.7.0 |
| 6e3fb87b7382dbced382641f012ced5e | SSH-2.0-libssh_0.7.0 |
| 525f9e1788267b077b6e2b2529492905 | SSH-2.0-libssh-0.7.0 |
| 3cec38e362b52f605c3f619d2fa898a9 | SSH-2.0-libssh-0.5.2, SSH-2.0-libssh-0.5.5, SSH-2.0-libssh-0.6.0 |
| 85a34ecc072b7fee11a05e8208ffc2a2 | SSH-2.0-libssh-0.7.0 |
| e5c1da26cdde67ec7b2a7759b13b6d28 | SSH-2.0-libssh-0.6.5 |
| 50a0624954cdf5c897aac12b66688dec | SSH-2.0-libssh_0.7.5 |
| a3c5503aaac766fe70067eb7d7114046 | SSH-2.0-libssh_0.7.5 |
| a957df03ca15a1f0f532f55cb031d4a0 | SSH-2.0-libssh-0.6.3 |
| 59553fa7f7cd28b35246771fa9a493ea | SSH-2.0-libssh-0.7.3 |
| 9e706fd7cb4747756448bbc74e27220b | SSH-2.0-libssh-0.6.0 |
| 7f0ad9c1c1b97136bb439aee56427bea | SSH-2.0-libssh-0.7.2 |
| c5e3f21bfd616e32afee0563dc27880d | SSH-2.0-libssh-0.7.3 |
| f1ac99f2fbd8ecf3252d3dc9eb436e82 | SSH-2.0-libssh-0.7.3 |
| hasshServer | Server Identification String |
|---|---|
| e80597ec7cbc1477a68bd9117d87dfdd | SSH-2.0-Gitee.com, SSH-2.0-HomeSSH-v1.1, SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3, SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, SSH-2.0-RESTRICTED, SSH-2.0-WingFTPServer, SSH-2.0-dropbear, SSH-2.0-elastic-sshd, SSH-2.0-libssh, SSH-2.0-libssh-0.7.2, SSH-2.0-libssh-0.7.3, SSH-2.0-sftpwrapper |
| 6b52d83483f50b8f01f406a47b0c730c | SSH-2.0-OpenSSH_6.8, SSH-2.0-libssh_0.7.0 |
| bf8ae9cb26a1222fe7b9323edd6f8814 | SSH-2.0-1.0.0(NET9), SSH-2.0-OpenSSH, SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.2_hpn13v11, SSH-2.0-OpenSSH_6.6.1, SSH-2.0-SSH-2.0-dropbear_2012.55, SSH-2.0-elastic-sshd, SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.6.1, SSH-2.0-libssh-0.6.3 |
| c251cb842064997a986c1bc145aec3bd | SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4, SSH-2.0-OpenSSH_6.5, SSH-2.0-libssh-0.6.0, SSH-2.0-libssh-0.7.0, SSH-2.0-libssh-0.7.1, SSH-2.0-sftpwrapper |
| ff0e73523bfc6173fc6029705689efa5 | SSH-2.0-WingFTPServer, SSH-2.0-libssh_0.7.5 |
Nice information, I share it on my post.