Koox cilmi-baarayaal ah oo ka socda Jaamacadda Ruhr ee Bochum (Jarmalka) ayaa soo bandhigay farsamo cusub oo MITM ah oo weerar ah oo ku saabsan SSH - Terrapin, kaas oo ka faa'iideysanaya nuglaanta (CVE-2023-48795) ee borotokoolka. Weeraryahan awood u leh inuu abaabulo weerarka MITM wuxuu awood u leeyahay, inta lagu guda jiro habka gorgortanka isku xirka, inuu joojiyo diritaanka fariinta isagoo habeynaya borotokoolka kordhinta si loo yareeyo heerka amniga isku xirka. Nooca qalabka weerarka ayaa lagu daabacay GitHub.
Marka la eego macnaha guud ee OpenSSH, nuglaanshaha, tusaale ahaan, wuxuu kuu ogolaanayaa inaad dib u soo celiso xidhiidhka si aad u isticmaasho algorithms-ka xaqiijinta oo yar oo aad joojiso ilaalinta ka hortagga weerarrada kanaalka ee dib u abuura gelinta adoo falanqeynaya dib u dhaca u dhexeeya furayaasha furayaasha kumbuyuutarka. Maktabadda Python ee AsyncSSH, oo ay weheliso nuglaanshaha (CVE-2023-46446) ee hirgelinta mashiinka gobolka gudaha, weerarka Terrapin wuxuu noo ogolaanayaa inaan nafteena u galno fadhiga SSH.
Nuglaanta waxay saamaysaa dhammaan fulinta SSH ee taageera ChaCha20-Poly1305 ama qaabka CBC oo ay weheliso qaabka ETM (Encrypt- then-MAC). Tusaale ahaan, awoodaha la midka ah ayaa laga helay OpenSSH in ka badan 10 sano. Nuglaanta waxay ku go'an tahay siideynta maanta ee OpenSSH 9.6, iyo sidoo kale cusbooneysiinta PuTTY 0.80, libssh 0.10.6/0.9.8 iyo AsyncSSH 2.14.2. Gudaha Dropbear SSH, hagaajinta ayaa mar hore lagu daray koodka, laakiin siideyn cusub wali lama soo saarin.
Nuglaanta waxaa sababa xaqiiqda ah in weeraryahan xakameynaya taraafikada isku xirka (tusaale, milkiilaha barta wireless-ka xaasidnimada leh) uu hagaajin karo lambarada isku xigxiga ee xirmada inta lagu jiro habka gorgortanka isku xirka oo uu gaaro tirtirka aamusnaanta ee lambar aan sabab lahayn ee fariimaha adeegga SSH waxaa soo diray macmiilka ama server-ka. Waxyaabo kale, weeraryahanku wuxuu tirtiri karaa SSH_MSG_EXT_INFO fariimaha loo isticmaalo habaynta borotokoolka kordhinta la isticmaalay. Si looga hortago kooxda kale inay ogaadaan khasaaraha xirmo sababtoo ah farqiga u dhexeeya tirooyinka isku xigxiga, weeraryahanku wuxuu bilaabay inuu diro xirmo khariban oo leh nambar isku xigta oo la mid ah baakidhka fog si uu u beddelo lambarka taxanaha. Xirmada bakhtiyaa-nasiibku waxa ay ka kooban tahay fariin leh calanka SSH_MSG_IGNORE, kaas oo la iska indhotiray inta lagu jiro habaynta.
Weerarka laguma fulin karo iyada oo la adeegsanayo ciphers streams iyo CTR, maadaama xadgudubka daacadnimada lagu ogaan doono heerka codsiga. Ficil ahaan, kaliya ChaCha20-Poly1305 cipher ayaa u nugul in la weeraro[emailka waa la ilaaliyay]), kaas oo gobolka lagu dabagalo oo keliya lambarrada taxanaha fariimaha, iyo isku-darka qaabka Encrypt-Then-MAC (*[emailka waa la ilaaliyay]) iyo CBC ciphers.
Gudaha OpenSSH 9.6 iyo hirgelinta kale, kordhinta borotokoolka "adag ee KEX" ayaa la hirgeliyay si loo joojiyo weerarka, kaas oo si toos ah u shaqeynaya haddii ay jirto taageero dhinaca serverka iyo dhinacyada macaamiisha. Kordhintu waxay joojinaysaa xidhiidhka marka la helo farriimaha aan caadiga ahayn ama aan loo baahnayn (tusaale, leh SSH_MSG_IGNORE ama SSH2_MSG_DEBUG calanka) ee la helay intii lagu jiray nidaamka gorgortanka xidhiidhka, iyo sidoo kale dib u dajinta MAC (Xeerka Xaqiijinta Fariinta) ka dib marka la dhammeeyo isweydaarsi kasta oo muhiim ah.
Source: opennet.ru