Metasploit ssh_login_pubkey


i8igmac

I'm looking for a collection of keys I could play around with. Does anyone know of a list of default keys for download? Does such a thing exist?

This Metasploit module will attempt to log into a host with a set KEY => kali./ssh/ssh_key

Just an example: anyone who installs Kali could be vulnerable to this type of attack. The key is the same on all Kali machines; after Kali is installed it is recommended that this ssh_key be replaced.

So is there a list of common default SSH keys anyone has seen for download?


That pertains to prebuilt images for non-PC devices. NetHunter and Kali for Raspberry Pi or other ARM devices come as a preinstalled OS image; the same goes for the virtual images. Those will have default keys and you can get them from the images when downloaded. Anyone that used the ISO to install will have new keys because the package is installed at that moment, hence it generates the keys right there.

 


4 hours ago, PoSHMagiC0de said:

That pertains to prebuilt images for non-PC devices. NetHunter and Kali for Raspberry Pi or other ARM devices come as a preinstalled OS image; the same goes for the virtual images. Those will have default keys and you can get them from the images when downloaded. Anyone that used the ISO to install will have new keys because the package is installed at that moment, hence it generates the keys right there.

 

So. I guess I misunderstood...

 

During installation, a new key is generated?

 

The same goes for routers and other little NAS devices?


3 hours ago, PoSHMagiC0de said:

Yelp, new installations of distros from ISO generate new keys. If it is an img that is just copied to a device like a Pi or phone, the keys will be whatever they are in that image, unless SSH is not installed, in which case when the SSH server is installed it will generate new keys.

What about IoT devices? Routers, network storage, ARM devices. It's possible these kinds of devices were flashed with duplicate SSH_keys.

Edit:

Or if a bunch of identical devices were flashed with the same OS, could the MAC address be incorporated in generating the new SSH key, or something predictable?

Edited by i8igmac

Do not know how manufacturers provision their devices. If they just burned the same image onto their devices with SSH installed already, and if they set it up for key login with a key, then there will be one there in all the images. Also the ID key of the server will be the same, though I believe the server key will only assist you with MiTM to trick the user that you are the SSH server. If they never used keys to sign into SSH then there will be no default keys, just default passwords. If they never installed SSH but give you the option to D/L and install, like with OpenWrt and opkg files, then the key will be regenerated for the server and the user can copy a new logon key to the server for authentication, which will not be default.

So in short, it depends. The keys I think you are looking for are auth keys. If the manufacturer never used keys for auth then it will never have a default key, just a password.
