Skip to content

Commit

Permalink
support for ssh_dispatch_fatal (#1068)
Browse files Browse the repository at this point in the history 
* support for ssh_dispatch_fatal raised by the public poc for cve-2024-6387

---------

Co-authored-by: GitHub Action <[email protected]>
  • Loading branch information
@buixor @actions-user
buixor and actions-user authored Jul 5, 2024
1 parent 52b9b65 commit 3b055c7
Show file tree
Hide file tree
Showing 8 changed files with 123 additions and 43 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/update_taxonomy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ jobs:
(git add taxonomy/ && git commit -m "Update taxonomy" && git pull --rebase origin ${BRANCH_NAME}) || exit 0
- name: Push changes
if: ${{ github.event_name == 'push'}}
uses: ad-m/github-push-action@master
uses: ad-m/github-push-action@v0.8.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: ${{ github.ref }}
Expand Down
16 changes: 12 additions & 4 deletions .index.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7507,7 +7507,7 @@
"crowdsecurity/sshd-logs": {
"path": "parsers/s01-parse/crowdsecurity/sshd-logs.yaml",
"stage": "s01-parse",
"version": "2.6",
"version": "2.7",
"versions": {
"0.1": {
"digest": "ecd40cb8cd95e2bad398824ab67b479362cdbf0e1598b8833e2f537ae3ce2f93",
Expand Down Expand Up @@ -7612,10 +7612,14 @@
"2.6": {
"digest": "30c49a38d17a5ace21f41cbe175164722d1bc89ca374b1520d432d94a208a725",
"deprecated": false
},
"2.7": {
"digest": "7d541c12f97b090c5f7259b1d2c57fc6205aeea16fc7103d5bbf317f8023f27d",
"deprecated": false
}
},
"long_description": "WW91ciBvbmUgZml0cy1hbGwgc3NoIHBhcnNlciB3aXRoIHN1cHBvcnQgZm9yIHRoZSBtb3N0IGNvbW1vbiBraW5kIG9mIGZhaWxlZCBhdXRoZW50aWNhdGlvbnMgYW5kIGVycm9ycy4KCg==",
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCiNkZWJ1ZzogdHJ1ZQpmaWx0ZXI6ICJldnQuUGFyc2VkLnByb2dyYW0gPT0gJ3NzaGQnIgpuYW1lOiBjcm93ZHNlY3VyaXR5L3NzaGQtbG9ncwpkZXNjcmlwdGlvbjogIlBhcnNlIG9wZW5TU0ggbG9ncyIKcGF0dGVybl9zeW50YXg6CiMgVGhlIElQIGdyb2sgcGF0dGVybiB0aGF0IHNoaXBzIHdpdGggY3Jvd2RzZWMgaXMgYnVnZ3kgYW5kIGRvZXMgbm90IGNhcHR1cmUgdGhlIGxhc3QgZGlnaXQgb2YgYW4gSVAgaWYgaXQgaXMgdGhlIGxhc3QgdGhpbmcgaXQgbWF0Y2hlcywgYW5kIHRoZSBsYXN0IG9jdGV0IHN0YXJ0cyB3aXRoIGEgMgojIGh0dHBzOi8vZ2l0aHViLmNvbS9jcm93ZHNlY3VyaXR5L2Nyb3dkc2VjL2lzc3Vlcy85MzgKICBJUHY0X1dPUktBUk9VTkQ6ICg/Oig/OjI1WzAtNV18MlswLTRdWzAtOV18WzAxXT9bMC05XVswLTldPylcLil7M30oPzoyNVswLTVdfDJbMC00XVswLTldfFswMV0/WzAtOV1bMC05XT8pCiAgSVBfV09SS0FST1VORDogKD86JXtJUFY2fXwle0lQdjRfV09SS0FST1VORH0pCiAgU1NIRF9BVVRIX0ZBSUw6ICdwYW1fJXtEQVRBOnBhbV90eXBlfVwoc3NoZDphdXRoXCk6IGF1dGhlbnRpY2F0aW9uIGZhaWx1cmU7IGxvZ25hbWU9IHVpZD0le05VTUJFUjp1aWR9PyBldWlkPSV7TlVNQkVSOmV1aWR9PyB0dHk9c3NoIHJ1c2VyPSByaG9zdD0le0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9KCAle1NQQUNFfXVzZXI9JXtVU0VSTkFNRTpzc2hkX2ludmFsaWRfdXNlcn0pPycKICBTU0hEX01BR0lDX1ZBTFVFX0ZBSUxFRDogJ01hZ2ljIHZhbHVlIGNoZWNrIGZhaWxlZCBcKFxkK1wpIG9uIG9iZnVzY2F0ZWQgaGFuZHNoYWtlIGZyb20gJXtJUF9XT1JLQVJPVU5EOnNzaGRfY2xpZW50X2lwfSBwb3J0IFxkKycKICBTU0hEX0lOVkFMSURfVVNFUjogJ0ludmFsaWQgdXNlclxzKiV7VVNFUk5BTUU6c3NoZF9pbnZhbGlkX3VzZXJ9PyBmcm9tICV7SVBfV09SS0FST1VORDpzc2hkX2NsaWVudF9pcH0oIHBvcnQgXGQrKT8nCiAgU1NIRF9JTlZBTElEX0JBTk5FUjogJ2Jhbm5lciBleGNoYW5nZTogQ29ubmVjdGlvbiBmcm9tICV7SVBfV09SS0FST1VORDpzc2hkX2NsaWVudF9pcH0gcG9ydCBcZCs6IGludmFsaWQgZm9ybWF0JwogIFNTSERfUFJFQVVUSF9BVVRIRU5USUNBVElOR19VU0VSOiAnQ29ubmVjdGlvbiAoY2xvc2VkfHJlc2V0KSBieSAoYXV0aGVudGljYXRpbmd8aW52YWxpZCkgdXNlciAle1VTRVJOQU1FOnNzaGRfaW52YWxpZF91c2VyfSAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9IHBvcnQgXGQrIFxbcHJlYXV0aFxdJwogICNmb2xsb3dpbmc6IGh0dHBzOi8vZ2l0aHViLmNvbS9jcm93ZHNlY3VyaXR5L2Nyb3dkc2VjL2lzc3Vlcy8xMjAxIC0gc29tZSBzY2FubmVycyBiZWhhdmUgZGlmZmVyZW50bHkgYW5kIHRyaWdnZXIgdGhpcyBvbmUKICBTU0hEX1BSRUFVVEhfQVVUSEVOVElDQVRJTkdfVVNFUl9BTFQ6ICdEaXNjb25uZWN0ZWQgZnJvbSAoYXV0aGVudGljYXRpbmd8aW52YWxpZCkgdXNlciAle1VTRVJOQU1FOnNzaGRfaW52YWxpZF91c2VyfSAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9IHBvcnQgXGQrIFxbcHJlYXV0aFxdJwogIFNTSERfQkFEX0tFWV9ORUdPVElBVElPTjogJ1VuYWJsZSB0byBuZWdvdGlhdGUgd2l0aCAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9IHBvcnQgXGQrOiBubyBtYXRjaGluZyAoaG9zdCBrZXkgdHlwZXxrZXkgZXhjaGFuZ2UgbWV0aG9kfE1BQykgZm91bmQuJwojIGluIGNhc2UgdGhleSBhcmUgYmxvY2tlZCBieSAvZXRjL3NzaC9zc2hkX2NvbmZpZyBBbGxvd1VzZXJzIHh4IHl5CiAgU1NIRF9OT1RfQUxMT1dFRF9VU0VSOiAnVXNlciAle1VTRVJOQU1FOnNzaGRfaW52YWxpZF91c2VyfT8gZnJvbSAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9KCBwb3J0IFxkKyk/IG5vdCBhbGxvd2VkIGJlY2F1c2Ugbm90IGxpc3RlZCBpbiBBbGxvd1VzZXJzJwogIFNTSERfQVVUSF9USU1FT1VUOiAnVGltZW91dCBiZWZvcmUgYXV0aGVudGljYXRpb24gZm9yICV7SVBfV09SS0FST1VORDpzc2hkX2NsaWVudF9pcH0oIHBvcnQgXGQrKT8nCm5vZGVzOgogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfRkFJTCIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiB0YXJnZXRfdXNlcgogICAgICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9pbnZhbGlkX3VzZXIiCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9QUkVBVVRIX0FVVEhFTlRJQ0FUSU5HX1VTRVJfQUxUIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfZmFpbGVkLWF1dGgKICAgICAgICAtIG1ldGE6IHRhcmdldF91c2VyCiAgICAgICAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zc2hkX2ludmFsaWRfdXNlciIKICAtIGdyb2s6CiAgICAgIG5hbWU6ICJTU0hEX1BSRUFVVEhfQVVUSEVOVElDQVRJTkdfVVNFUiIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiB0YXJnZXRfdXNlcgogICAgICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9pbnZhbGlkX3VzZXIiCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9ESVNDX1BSRUFVVEgiCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9CQURfVkVSU0lPTiIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAtIGdyb2s6CiAgICAgIG5hbWU6ICJTU0hEX0lOVkFMSURfVVNFUiIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiB0YXJnZXRfdXNlcgogICAgICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9pbnZhbGlkX3VzZXIiCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9OT1RfQUxMT1dFRF9VU0VSIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfZmFpbGVkLWF1dGgKICAgICAgICAtIG1ldGE6IHRhcmdldF91c2VyCiAgICAgICAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zc2hkX2ludmFsaWRfdXNlciIKICAtIGdyb2s6CiAgICAgIG5hbWU6ICJTU0hEX0lOVkFMSURfQkFOTkVSIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfZmFpbGVkLWF1dGgKICAgICAgICAtIG1ldGE6IGV4dHJhX2xvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2JhZF9iYW5uZXIKICAtIGdyb2s6CiAgICAgIG5hbWU6ICJTU0hEX1VTRVJfRkFJTCIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiB0YXJnZXRfdXNlcgogICAgICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9pbnZhbGlkX3VzZXIiCiAgLSBncm9rOiAKICAgICAgbmFtZTogIlNTSERfQVVUSF9GQUlMIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfZmFpbGVkLWF1dGgKICAgICAgICAtIG1ldGE6IHRhcmdldF91c2VyCiAgICAgICAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zc2hkX2ludmFsaWRfdXNlciIKICAtIGdyb2s6IAogICAgICBuYW1lOiAiU1NIRF9NQUdJQ19WQUxVRV9GQUlMRUQiCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IHNzaF9mYWlsZWQtYXV0aAogICAgICAgIC0gbWV0YTogdGFyZ2V0X3VzZXIKICAgICAgICAgIGV4cHJlc3Npb246ICJldnQuUGFyc2VkLnNzaGRfaW52YWxpZF91c2VyIgogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfQkFEX0tFWV9ORUdPVElBVElPTiIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2JhZF9rZXlleGNoYW5nZQogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfQVVUSF9USU1FT1VUIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfYXV0aF90aW1lb3V0CnN0YXRpY3M6CiAgICAtIG1ldGE6IHNlcnZpY2UKICAgICAgdmFsdWU6IHNzaAogICAgLSBtZXRhOiBzb3VyY2VfaXAKICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9jbGllbnRfaXAiCg==",
"content": "b25zdWNjZXNzOiBuZXh0X3N0YWdlCiNkZWJ1ZzogdHJ1ZQpmaWx0ZXI6ICJldnQuUGFyc2VkLnByb2dyYW0gPT0gJ3NzaGQnIgpuYW1lOiBjcm93ZHNlY3VyaXR5L3NzaGQtbG9ncwpkZXNjcmlwdGlvbjogIlBhcnNlIG9wZW5TU0ggbG9ncyIKcGF0dGVybl9zeW50YXg6CiAgIyBUaGUgSVAgZ3JvayBwYXR0ZXJuIHRoYXQgc2hpcHMgd2l0aCBjcm93ZHNlYyBpcyBidWdneSBhbmQgZG9lcyBub3QgY2FwdHVyZSB0aGUgbGFzdCBkaWdpdCBvZiBhbiBJUCBpZiBpdCBpcyB0aGUgbGFzdCB0aGluZyBpdCBtYXRjaGVzLCBhbmQgdGhlIGxhc3Qgb2N0ZXQgc3RhcnRzIHdpdGggYSAyCiAgIyBodHRwczovL2dpdGh1Yi5jb20vY3Jvd2RzZWN1cml0eS9jcm93ZHNlYy9pc3N1ZXMvOTM4CiAgSVB2NF9XT1JLQVJPVU5EOiAoPzooPzoyNVswLTVdfDJbMC00XVswLTldfFswMV0/WzAtOV1bMC05XT8pXC4pezN9KD86MjVbMC01XXwyWzAtNF1bMC05XXxbMDFdP1swLTldWzAtOV0/KQogIElQX1dPUktBUk9VTkQ6ICg/OiV7SVBWNn18JXtJUHY0X1dPUktBUk9VTkR9KQogIFNTSERfQVVUSF9GQUlMOiAncGFtXyV7REFUQTpwYW1fdHlwZX1cKHNzaGQ6YXV0aFwpOiBhdXRoZW50aWNhdGlvbiBmYWlsdXJlOyBsb2duYW1lPSB1aWQ9JXtOVU1CRVI6dWlkfT8gZXVpZD0le05VTUJFUjpldWlkfT8gdHR5PXNzaCBydXNlcj0gcmhvc3Q9JXtJUF9XT1JLQVJPVU5EOnNzaGRfY2xpZW50X2lwfSggJXtTUEFDRX11c2VyPSV7VVNFUk5BTUU6c3NoZF9pbnZhbGlkX3VzZXJ9KT8nCiAgU1NIRF9NQUdJQ19WQUxVRV9GQUlMRUQ6ICdNYWdpYyB2YWx1ZSBjaGVjayBmYWlsZWQgXChcZCtcKSBvbiBvYmZ1c2NhdGVkIGhhbmRzaGFrZSBmcm9tICV7SVBfV09SS0FST1VORDpzc2hkX2NsaWVudF9pcH0gcG9ydCBcZCsnCiAgU1NIRF9JTlZBTElEX1VTRVI6ICdJbnZhbGlkIHVzZXJccyole1VTRVJOQU1FOnNzaGRfaW52YWxpZF91c2VyfT8gZnJvbSAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9KCBwb3J0IFxkKyk/JwogIFNTSERfSU5WQUxJRF9CQU5ORVI6ICdiYW5uZXIgZXhjaGFuZ2U6IENvbm5lY3Rpb24gZnJvbSAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9IHBvcnQgXGQrOiBpbnZhbGlkIGZvcm1hdCcKICBTU0hEX1BSRUFVVEhfQVVUSEVOVElDQVRJTkdfVVNFUjogJ0Nvbm5lY3Rpb24gKGNsb3NlZHxyZXNldCkgYnkgKGF1dGhlbnRpY2F0aW5nfGludmFsaWQpIHVzZXIgJXtVU0VSTkFNRTpzc2hkX2ludmFsaWRfdXNlcn0gJXtJUF9XT1JLQVJPVU5EOnNzaGRfY2xpZW50X2lwfSBwb3J0IFxkKyBcW3ByZWF1dGhcXScKICAjZm9sbG93aW5nOiBodHRwczovL2dpdGh1Yi5jb20vY3Jvd2RzZWN1cml0eS9jcm93ZHNlYy9pc3N1ZXMvMTIwMSAtIHNvbWUgc2Nhbm5lcnMgYmVoYXZlIGRpZmZlcmVudGx5IGFuZCB0cmlnZ2VyIHRoaXMgb25lCiAgU1NIRF9QUkVBVVRIX0FVVEhFTlRJQ0FUSU5HX1VTRVJfQUxUOiAnRGlzY29ubmVjdGVkIGZyb20gKGF1dGhlbnRpY2F0aW5nfGludmFsaWQpIHVzZXIgJXtVU0VSTkFNRTpzc2hkX2ludmFsaWRfdXNlcn0gJXtJUF9XT1JLQVJPVU5EOnNzaGRfY2xpZW50X2lwfSBwb3J0IFxkKyBcW3ByZWF1dGhcXScKICBTU0hEX0JBRF9LRVlfTkVHT1RJQVRJT046ICdVbmFibGUgdG8gbmVnb3RpYXRlIHdpdGggJXtJUF9XT1JLQVJPVU5EOnNzaGRfY2xpZW50X2lwfSBwb3J0IFxkKzogbm8gbWF0Y2hpbmcgKGhvc3Qga2V5IHR5cGV8a2V5IGV4Y2hhbmdlIG1ldGhvZHxNQUMpIGZvdW5kLicKICAjIGluIGNhc2UgdGhleSBhcmUgYmxvY2tlZCBieSAvZXRjL3NzaC9zc2hkX2NvbmZpZyBBbGxvd1VzZXJzIHh4IHl5CiAgU1NIRF9OT1RfQUxMT1dFRF9VU0VSOiAnVXNlciAle1VTRVJOQU1FOnNzaGRfaW52YWxpZF91c2VyfT8gZnJvbSAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9KCBwb3J0IFxkKyk/IG5vdCBhbGxvd2VkIGJlY2F1c2Ugbm90IGxpc3RlZCBpbiBBbGxvd1VzZXJzJwogIFNTSERfQVVUSF9USU1FT1VUOiAnVGltZW91dCBiZWZvcmUgYXV0aGVudGljYXRpb24gZm9yICV7SVBfV09SS0FST1VORDpzc2hkX2NsaWVudF9pcH0oIHBvcnQgXGQrKT8nCiAgU1NIRF9ESVNQQVRDSF9GQVRBTDogJ3NzaF9kaXNwYXRjaF9ydW5fZmF0YWw6IENvbm5lY3Rpb24gZnJvbSAle0lQX1dPUktBUk9VTkQ6c3NoZF9jbGllbnRfaXB9KCBwb3J0IFxkKyk/OiBtZXNzYWdlIGF1dGhlbnRpY2F0aW9uIGNvZGUgaW5jb3JyZWN0IFxbcHJlYXV0aFxdJwpub2RlczoKICAtIGdyb2s6CiAgICAgIG5hbWU6ICJTU0hEX0ZBSUwiCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IHNzaF9mYWlsZWQtYXV0aAogICAgICAgIC0gbWV0YTogdGFyZ2V0X3VzZXIKICAgICAgICAgIGV4cHJlc3Npb246ICJldnQuUGFyc2VkLnNzaGRfaW52YWxpZF91c2VyIgogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfUFJFQVVUSF9BVVRIRU5USUNBVElOR19VU0VSX0FMVCIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiB0YXJnZXRfdXNlcgogICAgICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9pbnZhbGlkX3VzZXIiCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9QUkVBVVRIX0FVVEhFTlRJQ0FUSU5HX1VTRVIiCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IHNzaF9mYWlsZWQtYXV0aAogICAgICAgIC0gbWV0YTogdGFyZ2V0X3VzZXIKICAgICAgICAgIGV4cHJlc3Npb246ICJldnQuUGFyc2VkLnNzaGRfaW52YWxpZF91c2VyIgogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfRElTQ19QUkVBVVRIIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfQkFEX1ZFUlNJT04iCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9JTlZBTElEX1VTRVIiCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IHNzaF9mYWlsZWQtYXV0aAogICAgICAgIC0gbWV0YTogdGFyZ2V0X3VzZXIKICAgICAgICAgIGV4cHJlc3Npb246ICJldnQuUGFyc2VkLnNzaGRfaW52YWxpZF91c2VyIgogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfTk9UX0FMTE9XRURfVVNFUiIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiB0YXJnZXRfdXNlcgogICAgICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9pbnZhbGlkX3VzZXIiCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9JTlZBTElEX0JBTk5FUiIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiBleHRyYV9sb2dfdHlwZQogICAgICAgICAgdmFsdWU6IHNzaF9iYWRfYmFubmVyCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9VU0VSX0ZBSUwiCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IHNzaF9mYWlsZWQtYXV0aAogICAgICAgIC0gbWV0YTogdGFyZ2V0X3VzZXIKICAgICAgICAgIGV4cHJlc3Npb246ICJldnQuUGFyc2VkLnNzaGRfaW52YWxpZF91c2VyIgogIC0gZ3JvazoKICAgICAgbmFtZTogIlNTSERfQVVUSF9GQUlMIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfZmFpbGVkLWF1dGgKICAgICAgICAtIG1ldGE6IHRhcmdldF91c2VyCiAgICAgICAgICBleHByZXNzaW9uOiAiZXZ0LlBhcnNlZC5zc2hkX2ludmFsaWRfdXNlciIKICAtIGdyb2s6CiAgICAgIG5hbWU6ICJTU0hEX01BR0lDX1ZBTFVFX0ZBSUxFRCIKICAgICAgYXBwbHlfb246IG1lc3NhZ2UKICAgICAgc3RhdGljczoKICAgICAgICAtIG1ldGE6IGxvZ190eXBlCiAgICAgICAgICB2YWx1ZTogc3NoX2ZhaWxlZC1hdXRoCiAgICAgICAgLSBtZXRhOiB0YXJnZXRfdXNlcgogICAgICAgICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9pbnZhbGlkX3VzZXIiCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9CQURfS0VZX05FR09USUFUSU9OIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfYmFkX2tleWV4Y2hhbmdlCiAgLSBncm9rOgogICAgICBuYW1lOiAiU1NIRF9BVVRIX1RJTUVPVVQiCiAgICAgIGFwcGx5X29uOiBtZXNzYWdlCiAgICAgIHN0YXRpY3M6CiAgICAgICAgLSBtZXRhOiBsb2dfdHlwZQogICAgICAgICAgdmFsdWU6IHNzaF9hdXRoX3RpbWVvdXQKICAtIGdyb2s6CiAgICAgIG5hbWU6ICJTU0hEX0RJU1BBVENIX0ZBVEFMIgogICAgICBhcHBseV9vbjogbWVzc2FnZQogICAgICBzdGF0aWNzOgogICAgICAgIC0gbWV0YTogbG9nX3R5cGUKICAgICAgICAgIHZhbHVlOiBzc2hfZGlzcGF0Y2hfZmF0YWwKc3RhdGljczoKICAtIG1ldGE6IHNlcnZpY2UKICAgIHZhbHVlOiBzc2gKICAtIG1ldGE6IHNvdXJjZV9pcAogICAgZXhwcmVzc2lvbjogImV2dC5QYXJzZWQuc3NoZF9jbGllbnRfaXAiCg==",
"description": "Parse openSSH logs",
"author": "crowdsecurity",
"labels": null
Expand Down Expand Up @@ -13946,15 +13950,19 @@
},
"crowdsecurity/ssh-cve-2024-6387": {
"path": "scenarios/crowdsecurity/ssh-cve-2024-6387.yaml",
"version": "0.1",
"version": "0.2",
"versions": {
"0.1": {
"digest": "1a36e33f8743790c5544faa999aa8dd062f6e2b696e16232d3a3f28576119503",
"deprecated": false
},
"0.2": {
"digest": "7888f1f31ea75d55f7b4bdf56b6f0840ca4ecbd937af0655cdf263062a11e85a",
"deprecated": false
}
},
"long_description": "RGV0ZWN0IGV4cGxvaXRhdGlvbiBhdHRlbXB0cyBvZiBDVkUtMjAyNC02Mzg3CiA=",
"content": "IyBzc2ggYnJ1dGVmb3JjZQp0eXBlOiBsZWFreQpuYW1lOiBjcm93ZHNlY3VyaXR5L3NzaC1jdmUtMjAyNC02Mzg3CmRlc2NyaXB0aW9uOiAiRGV0ZWN0IGV4cGxvaXRhdGlvbiBhdHRlbXB0IG9mIENWRS0yMDI0LTYzODciCmZpbHRlcjogImV2dC5NZXRhLmxvZ190eXBlID09ICdzc2hfYXV0aF90aW1lb3V0JyIKbGVha3NwZWVkOiAiMTgwcyIKY2FwYWNpdHk6IDMKZ3JvdXBieTogZXZ0Lk1ldGEuc291cmNlX2lwCmJsYWNraG9sZTogMW0KcmVwcm9jZXNzOiB0cnVlCmxhYmVsczoKICBzZXJ2aWNlOiBzc2gKICBjb25maWRlbmNlOiAzCiAgc3Bvb2ZhYmxlOiAwCiAgY2xhc3NpZmljYXRpb246CiAgICAtIGF0dGFjay5UMTE5MAogICAgLSBjdmUuQ1ZFLTIwMjQtNjM4NwogIGxhYmVsOiAiU1NIIENWRS0yMDI0LTYzODciCiAgYmVoYXZpb3I6ICJzc2g6ZXhwbG9pdCIKICByZW1lZGlhdGlvbjogdHJ1ZQ==",
"content": "IyBzc2ggYnJ1dGVmb3JjZQp0eXBlOiBsZWFreQpuYW1lOiBjcm93ZHNlY3VyaXR5L3NzaC1jdmUtMjAyNC02Mzg3CmRlc2NyaXB0aW9uOiAiRGV0ZWN0IGV4cGxvaXRhdGlvbiBhdHRlbXB0IG9mIENWRS0yMDI0LTYzODciCmZpbHRlcjogImV2dC5NZXRhLmxvZ190eXBlIGluIFsnc3NoX2F1dGhfdGltZW91dCcsICdzc2hfZGlzcGF0Y2hfZmF0YWwnXSIKbGVha3NwZWVkOiAiMTgwcyIKY2FwYWNpdHk6IDMKZ3JvdXBieTogZXZ0Lk1ldGEuc291cmNlX2lwCmJsYWNraG9sZTogMW0KcmVwcm9jZXNzOiB0cnVlCmxhYmVsczoKICBzZXJ2aWNlOiBzc2gKICBjb25maWRlbmNlOiAzCiAgc3Bvb2ZhYmxlOiAwCiAgY2xhc3NpZmljYXRpb246CiAgICAtIGF0dGFjay5UMTE5MAogICAgLSBjdmUuQ1ZFLTIwMjQtNjM4NwogIGxhYmVsOiAiU1NIIENWRS0yMDI0LTYzODciCiAgYmVoYXZpb3I6ICJzc2g6ZXhwbG9pdCIKICByZW1lZGlhdGlvbjogdHJ1ZQo=",
"description": "Detect exploitation attempt of CVE-2024-6387",
"author": "crowdsecurity",
"labels": {
Expand Down
Loading

0 comments on commit 3b055c7

Please sign in to comment.