Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2008-0166

Description

OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.

POC

Reference

- https://www.exploit-db.com/exploits/5622

- https://www.exploit-db.com/exploits/5632

- https://www.exploit-db.com/exploits/5720

Github

- https://github.com/ARPSyndicate/cvemon

- https://github.com/AhegaoPsyops/sslWeakness

- https://github.com/AlienTec1908/Ephemeral3_HackMyVM_Easy

- https://github.com/AlienTec1908/Klim_HackMyVM_Medium

- https://github.com/Alirezarv700/CryptoDeepTools

- https://github.com/CVE-2008-0166/dwk_blocklists

- https://github.com/CVE-2008-0166/dwk_blocklists_sqlite3

- https://github.com/CVE-2008-0166/dwklint

- https://github.com/CVE-2008-0166/key_generator

- https://github.com/CVE-2008-0166/openssl_blocklists

- https://github.com/CVE-2008-0166/private_keys

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/D4-project/snake-oil-crypto

- https://github.com/DFKTYNBY967/-

- https://github.com/Pirtmoppfnx861le/CryptoDeepTools

- https://github.com/RanadheerDanda/debian-ssh

- https://github.com/RodrigoVarasLopez/Download-Scanners-from-Nessus-8.7-using-the-API

- https://github.com/alexispotter27/Vulnerability-Scanning

- https://github.com/amphib24/nessus_scan_cysa-_book

- https://github.com/avarx/vulnkeys

- https://github.com/b4el7d/KlimAutoRoot

- https://github.com/badkeys/debianopenssl

- https://github.com/brimstone/stars

- https://github.com/bunyadovaytac/cyber-lab4

- https://github.com/chnzzh/OpenSSL-CVE-lib

- https://github.com/coinsed/deep-tool

- https://github.com/darkweb1663/Network-Vulnerability-Project

- https://github.com/demining/Chinese-version-of-Bitcoin-blockchain-cryptanalysis

- https://github.com/demining/CryptoDeepTools

- https://github.com/demining/Japanese-version-of-Bitcoin-blockchain-cryptanalysis

- https://github.com/demining/Korean-version-of-Bitcoin-blockchain-cryptanalysis

- https://github.com/demining/Vulnerable-to-Debian-OpenSSL-bug-CVE-2008-0166

- https://github.com/faithfultin/pkimetal

- https://github.com/g0tmi1k/debian-ssh

- https://github.com/git-forgexnmo0/CryptoDeepTools

- https://github.com/google/paranoid_crypto

- https://github.com/hackerhouse-opensource/exploits

- https://github.com/hackerschoice/thc-btc-rng-bruteforce

- https://github.com/hdyfha/crypto

- https://github.com/hibahmad30/MetasploitVulnAnalysis

- https://github.com/hoefling/dsa-1571

- https://github.com/huzhifeng/dailybox

- https://github.com/islanddog/htb_oscp_notes

- https://github.com/jessexe/Crypto

- https://github.com/kherrick/hacker-news

- https://github.com/kherrick/lobsters

- https://github.com/krlabs/openssl-vulnerabilities

- https://github.com/manyunya/CryptoDeepTools

- https://github.com/mueed98/CryptoToolDeep

- https://github.com/nitishbadole/oscp-note-2

- https://github.com/olivexo28/potential-octo-waddle

- https://github.com/pixel-wipe/CryptoDeepTools

- https://github.com/pkimetal/pkimetal

- https://github.com/rileyHoward92/CryptoDeepTools

- https://github.com/rmsbpro/rmsbpro

- https://github.com/satisfiedtrig/pkimetal

- https://github.com/shn3rd/OpenSSL-PRNG

- https://github.com/snowdroppe/ssh-keybrute

- https://github.com/zhaoolee/garss