CVE-2013-4434

Dropbear SSH < 2013.59 - Username Enumeration via Timing Attack

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4434. PoCs published by styx00.

AI-analyzed exploit summary This script checks for CVE-2013-4434 by measuring time delays in Dropbear SSH Server's error messages to determine valid usernames. It uses 'sshpass' to automate login attempts with a provided wordlist.

Description

Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.

Exploits (1)

nomisec SCANNER 3 stars

by styx00 · poc

https://github.com/styx00/Dropbear_CVE-2013-4434

View Code ZIP pw:eip

This script checks for CVE-2013-4434 by measuring time delays in Dropbear SSH Server's error messages to determine valid usernames. It uses 'sshpass' to automate login attempts with a provided wordlist.

Classification

Scanner 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Dropbear SSH Server before 2013.59

No auth needed

Prerequisites: sshpass installed · wordlist of usernames · network access to target

MITRE ATT&CK