{{HOSTNAME}} = U6-Enterprise running firmware v6.6.65
$ Terrapin_Scanner_MacOS_arm64_darwin -connect {{HOSTNAME}}
================================================================================
==================================== Report ====================================
================================================================================
Remote Banner: SSH-2.0-dropbear_2020.81
ChaCha20-Poly1305 support: true
CBC-EtM support: false
Strict key exchange support: false
The scanned peer is VULNERABLE to Terrapin.
Note: This tool is provided as is, with no warranty whatsoever. It determines
the vulnerability of a peer by checking the supported algorithms and
support for strict key exchange. It may falsely claim a peer to be
vulnerable if the vendor supports countermeasures other than strict key
exchange.
For more details visit our website available at https://terrapin-attack.com
$ ssh {{HOSTNAME}}
{{HOSTNAME}}-BZ.6.6.65# dropbear --help
Invalid option --
Dropbear server v2020.81 https://matt.ucc.asn.au/dropbear/dropbear.html
Usage: dropbear [options]
Dropbear hasn't had a release since 2022 and the Terrapin fix from Dec 31, 2023 is just sitting there.
References:
https://terrapin-attack.com/patches.html
https://github.com/mkj/dropbear/releases
https://github.com/mkj/dropbear/issues/270
https://community.ui.com/questions/UbiOS-Dropbear-upgrade/b66ca71f-adef-4a3f-b6c6-2d26f9d3bc67
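
The check the scanner's note describes (supported algorithms plus strict key exchange), as an added example that is not part of the original post and is not the scanner's own code. It parses a server's SSH_MSG_KEXINIT payload (RFC 4253, section 7.1) and applies the three tests shown in the report; the function names and the sample algorithm lists are constructed for illustration and were not captured from the device.

```python
import struct

# Order of the ten name-lists in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def parse_kexinit(payload: bytes) -> dict:
    """Parse an SSH_MSG_KEXINIT payload into its ten name-lists."""
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}          # skip message type (1) + cookie (16)
    for name in FIELDS:
        (n,) = struct.unpack_from(">I", payload, pos)  # struct.error if truncated
        pos += 4
        if pos + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + n].decode("ascii")
        lists[name] = raw.split(",") if raw else []
        pos += n
    return lists

def assess(lists: dict) -> dict:
    """Apply the three checks the report prints to a server's KEXINIT."""
    chacha = any("chacha20-poly1305@openssh.com" in lists[k]
                 for k in ("enc_c2s", "enc_s2c"))
    cbc_etm = any(               # a CBC cipher and an EtM MAC, same direction
        any(c.endswith("-cbc") for c in lists["enc_" + d]) and
        any(m.endswith("-etm@openssh.com") for m in lists["mac_" + d])
        for d in ("c2s", "s2c"))
    strict = "kex-strict-s-v00@openssh.com" in lists["kex"]
    return {"chacha20_poly1305": chacha, "cbc_etm": cbc_etm,
            "strict_kex": strict,
            "vulnerable": (chacha or cbc_etm) and not strict}

def build_kexinit(kex, enc, mac) -> bytes:
    """Constructed sample: build a KEXINIT payload from algorithm lists."""
    values = [kex, ["ssh-ed25519"], enc, enc, mac, mac, ["none"], ["none"], [], []]
    body = b"".join(struct.pack(">I", len(s)) + s
                    for s in (",".join(v).encode() for v in values))
    return b"\x14" + bytes(16) + body + b"\x00" + bytes(4)

# Constructed algorithm lists, not captured from the device in the post.
CIPHERS = ["chacha20-poly1305@openssh.com", "aes128-ctr"]
UNPATCHED = build_kexinit(["curve25519-sha256"], CIPHERS, ["hmac-sha2-256"])
PATCHED = build_kexinit(["curve25519-sha256", "kex-strict-s-v00@openssh.com"],
                        CIPHERS, ["hmac-sha2-256"])

if __name__ == "__main__":
    print(assess(parse_kexinit(UNPATCHED)), assess(parse_kexinit(PATCHED)))
```

The same cipher list flips from vulnerable to not vulnerable once the server advertises the strict key exchange marker, which is why the report lists that line separately from the algorithm lines.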