This is the first version of the "weaponized" exploit for
Posted by Eddie Harari on Full Disclosure
By sending large passwords, a remote user can enumerate users on system that runs SSHD. This problem exists in most
modern configuration due to the fact that it takes much longer to calculate SHA256/SHA512 hash than BLOWFISH hash.
The (more) technical:
When SSHD tries to authenticate a non-existing user, it will pick up a fake password structure hardcoded in the SSHD
source code. On this hard coded password structure the password hash is based on BLOWFISH ($2) algorithm.
If real users passwords are hashed using SHA256/SHA512, then sending large passwords (10KB) will result in shorter
response time from the server for non-existing users.
NOTE: Mr. Harari tested this on
opensshd-7.2p2, while my testing was done on
The script is currently based around a 10-30% range of deviation for timing(s) of valid versus invalid usernames. Currently only >20% are accepted as a valid usernames and appended to the output list accordingly (feel free to tweak this within the script). This has proved effective for me.
- More information on the process/background: https://blog.justicecassel.com/2016/08/08/analyzing-and-weaponizing-the-latest-openssh-enumeration-vulnerability-2/