Libssh any vulnerable server (CVE-2018-10933)?

occupi · October 26, 2018, 3:31pm

Do you want me to grab both sets separately or just the product:libssh set?

Virgula · October 26, 2018, 3:32pm

I’m not sure but I don’t want let you to waste credits. so grab only libssh (https://www.shodan.io/search?query=libssh) because should already have product:libssh query results itself

occupi · October 26, 2018, 5:16pm

Voila, in CSV format (and gzipped for compression)
http://www.fast-files.com/getfile.aspx?file=176052

Virgula · October 26, 2018, 5:21pm

File does not exist anymore on the server

occupi · October 26, 2018, 5:32pm

Ugh, okay. Uploaded the results to one of our webhosts for now: https://bit.ly/2Rc5giU

Techno_Forg · October 26, 2018, 8:16pm

Ight… let me see what I can do.

I payed the one time fee.

Techno_Forg · October 27, 2018, 2:04am

Ight, so my script is ready and it can be used for multiple different purposes. Please use it, but also edit it as need be… currently gonna add a scanner for libssh if need be but we should be fine… only issue with current scripts for a scanner is that they’d have to take file input. Also, a note on the script, I added the ability to input the number of pages to query. If the pages doesn’t exist, it’ll return a error saying query isn’t valid or something like that. For libssh purposes do the math… lol. 100 results are returned per page with the API, but also, you must have a valid API key too. Currently I don’t have enough credits until next month. @occupi, feel free to use this script especially.

Code here:

Any other questions feel free to ask. I’m very busy to so please bear with me.

Also, @pry0cc, don’t know, but shouldn’t this script have its own post by now? lol. It has been a while since I worked on it. lolol.

With that being said, ~Cheers!

–Techno Forg–

Virgula · October 27, 2018, 9:45am

I’m still testing all 6300 server automatically of @occupi list with my script since yesterday.

Techno_Forg · October 27, 2018, 3:20pm

Are you mass scanning them?

pry0cc · October 27, 2018, 9:27pm

It’s fine here for now. I don’t think it warrants another post.

Virgula · October 28, 2018, 6:11pm

All right, I tested all 6300 servers of Shodan, all servers that have vulnerable versions of libssh are ALL unexploitable.
Most common exceptions and reasons are:

·Secsh channel 0 open FAILED: : Administratively prohibited => So Undefinied Exception. Probably channel is closed or not PortForwarded.
·Server down
·Oops, unhandled type 3 ('unimplemented') => So Undefinied Exception.  Probably channel is closed or not PortForwarded.

This vulnerability it’s a bullshit, now is confirmed.

Techno_Forg · October 28, 2018, 9:05pm

Let’s not call BS on it quite yet… the scripts thus far could incomplete. I still need to study a bit longer. Please bear with me.

bretph0t0n · October 30, 2018, 11:32pm

X2go is vulnerable ; Shodan doesn’t give a good number. Lot of application working for sehll ssh and not working with openssh

fxbg · November 9, 2018, 7:48pm

Isn’t it the library that’s vulnerable, and not the ssh server itself? Probably why none of them are exploitable.

system · November 22, 2018, 5:06pm

This topic was automatically closed after 30 days. New replies are no longer allowed.