Network Penetration Testing

Debian Predictable Random Number Generator Weakness

our services

In 2008 it was found that certain Debian releases implemented a critically flawed random number generator. This caused SSH and OpenSSL keys generated from these machines to be predictable, allowing most encrypted traffic to be susceptible to decryption. Furthermore, SSH services configured with key based authentication can be brute forced with the relatively small numbers of keys that could exist. In these situations a remote attacker would be able to obtain system level access if they can identify a username using key based auth.

Debian has released the dowkd utility to check for vulnerable keys: https://wiki.debian.org/SSLkeys#Testing_keys_using_dowkd.pl

Below shows a predictable key identified: root@kali:~/debian_ssh/debian_ssh_scan_v4# ./debian_ssh_scan_v4.py
[..]

Remediation

Virtue Security recommends the all system packages are updated and that SSH keys are regenerated.

We
Are
Changing
The
Way
Pentesting
Is
Done
  • Application
  • Network
  • Mobile
  • AWS