|
Nmap Development
mailing list archives
[NSE script] SSH Hostkey(s) SSH1 and SSH2
From: Sven Klemm <sven () c3d2 de>
Date: Wed, 06 Aug 2008 08:50:45 +0200
Hi,
I merged the SSH1 and SSH2 Hostkey script and fixed a little bug for
SSH2. The new version is attached. This script requires the latest
version of the nse openssl bindings.
Sample output:
nmap --script SSH-hostkey localhost -p 22
Starting Nmap 4.68 ( http://nmap.org ) at 2008-08-06 08:44 CEST
Interesting ports on localhost (127.0.0.1):
PORT STATE SERVICE
22/tcp open ssh
| SSH Hostkey: rsa1 1024 89:7c:8b:2e:ee:5c:3d:ab:20:bd:d7:b3:a4:5a:a8:80
| ssh-dsa 1024 23:23:8c:73:26:22:4a:63:d8:5d:41:eb:86:cf:a0:58
|_ ssh-rsa 2048 f0:58:ce:f4:aa:a4:59:1c:8e:dd:4d:07:44:c8:25:11
Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds
Sample output with verbosity 2:
nmap --script SSH-hostkey localhost -p 22 -vv
Starting Nmap 4.68 ( http://nmap.org ) at 2008-08-06 08:48 CEST
Initiating Ping Scan at 08:48
Scanning 127.0.0.1 [1 port]
Completed Ping Scan at 08:48, 0.00s elapsed (1 total hosts)
Initiating Connect Scan at 08:48
Scanning localhost (127.0.0.1) [1 port]
Discovered open port 22/tcp on 127.0.0.1
Completed Connect Scan at 08:48, 0.00s elapsed (1 total ports)
SCRIPT ENGINE: Initiating script scanning.
Initiating SCRIPT ENGINE at 08:48
Completed SCRIPT ENGINE at 08:48, 0.10s elapsed
Host localhost (127.0.0.1) appears to be up ... good.
Scanned at 2008-08-06 08:48:30 CEST for 0s
Interesting ports on localhost (127.0.0.1):
PORT STATE SERVICE
22/tcp open ssh
| SSH Hostkey: rsa1 1024
89:7c:8b:2e:ee:5c:3d:ab:20:bd:d7:b3:a4:5a:a8:80 35
136733718652991815166319123082773399861431031364908027819249598103199531236955778089644124580769345909378409769440979789009975246338169094312530652170936413484326930201865873192592749922439801838002192462023211783754960445138418861487715801288461579293714008745466811462569934380721110045927571803154589942049
| ssh-dsa 1024 23:23:8c:73:26:22:4a:63:d8:5d:41:eb:86:cf:a0:58
AAAAB3NzaC1kc3MAAACBAJD6ApUbSAGL/jKRaxE0QQLGB3eH7sEPxAFYhWz1nEiwOIh50ONd0Nr2UAFsQlYvnk7Bchx7tElWP57eHpyr9BWZwFOTQQAEM77dKNbUzqQhoSppRqnbFjErTp/PnvwY95M05Kdm98MnxA6ngE4Nz8C0eL69sm/oFRQ6ahGmWcSLAAAAFQCW+NG4KsuIgk/9LuuKmUy/9MMQ1wAAAIA8vwBaH5evPRJi1rmo/QGhJiC8iQCnwbXqwnJGVIWFvYuofQCERs0xzfcrMOi8J3AMd1qhOjUC0YTg6xXtxPlW3Un7cmLcia3IVPUewjsNfLUIQ6TVXqAP8yU9elSE39zrBNrC0o30K2fMDB/ngn+ml/G9gd0/W0XStfx8svglsQAAAIEAgXXWoZej/rbTwTd61Gz+XpLwwqJkPT9EHgPVSVRD399BN3zxP9ghib+K9c6snavFvhWxrTgU/ZZZmiyOwOMcltp08REErOj5U54dzM/hYbYio0Ke83y1/llnFwoOimCHdJ0NSr/a69ZudNN3j8651ufIp13kDETBmEMMCGy8OqY=
|_ ssh-rsa 2048 f0:58:ce:f4:aa:a4:59:1c:8e:dd:4d:07:44:c8:25:11
AAAAB3NzaC1yc2EAAAABIwAAAQEAwVuv2gcr0maaKQ69VVIEv2ob4OxnuI64fkeOnCXD1lUx5tTA+vefXUWEMxgMuA7iX4irJHy2zer0NQ3Z3yJvr5scPgTYIaEOp5Uo/eGFG9Agpk5wE8CoF0e47iCAPHqzlmP2V7aNURLMODb3jVZuI07A2ZRrMGrD8d888E2ORVORv1rYeTYCqcMMoVFmX9l3gWEdk4yx3w5sD8v501Iuyd1v19mPfyhrI5E1E1nl/Xjp5N0/xP2GUBrdkDMxKaxqTPMie/f0dXBUPQQN697a5q+5lBRPhKYOtn6yQKCd9s1Q22nxn72Jmi1RzbMyYJ52FosDT755Qmb46GLrDMaZMQ==
Read data files from: .
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
Cheers,
Sven
--
Sven Klemm
http://cthulhu.c3d2.de/~sven/
id = "SSH Hostkey"
author = "Sven Klemm <sven () c3d2 de>"
description = "Show SSH Hostkey(s)"
license = "Same as Nmap--See http://nmap.org/book/man-legal.html";
categories = {"safe"}
require("stdnse")
require("shortport")
require("openssl")
require("bin")
require("base64")
require("hash")
portrule = shortport.port_or_service(22, "ssh")
local format_fingerprint = function( fp )
local s = fp:sub( 1, 2 )
for i = 3, #fp, 2 do
s = s .. ':' .. fp:sub( i, i + 1 )
end
return s
end
local ssh1 = {
fetch_host_key = function(host, port)
local socket = nmap.new_socket()
local catch = function() socket:close() end
local try = nmap.new_try(catch)
try(socket:connect(host.ip, port.number))
-- fetch banner
try(socket:receive_lines(1))
-- send our banner
try(socket:send("SSH-1.5-Nmap-SSH1-Hostkey\r\n"))
local data, packet_length, padding, offset
data = try(socket:receive())
socket:close()
offset, packet_length = bin.unpack( ">i", data )
padding = 8 - packet_length % 8
offset = offset + padding
if padding + packet_length + 4 == data:len() then
-- seems to be a proper SSH1 packet
local msg_code,host_key_bits,host_key_exponent,host_key_modulus,length
offset, msg_code = bin.unpack( ">c", data, offset )
if msg_code == 2 then -- 2 => SSH_SMSG_PUBLIC_KEY
-- ignore cookie and server key bits
offset, _, _ = bin.unpack( ">A8i", data, offset )
-- skip server key exponent and modulus
offset, length = bin.unpack( ">S", data, offset )
offset = offset + math.ceil( length / 8 )
offset, length = bin.unpack( ">S", data, offset )
offset = offset + math.ceil( length / 8 )
offset, host_key_bits = bin.unpack( ">i", data, offset )
offset, length = bin.unpack( ">S", data, offset )
offset, host_key_exponent = bin.unpack( ">A" .. math.ceil( length / 8 ), data, offset )
host_key_exponent = openssl.bignum_bin2bn( host_key_exponent )
offset, length = bin.unpack( ">S", data, offset )
offset, host_key_modulus = bin.unpack( ">A" .. math.ceil( length / 8 ), data, offset )
host_key_modulus = openssl.bignum_bin2bn( host_key_modulus )
return {exp=host_key_exponent,mod=host_key_modulus,bits=host_key_bits}
end
end
end
}
local ssh2
ssh2 = {
transport = {
build = function( payload )
local packet_length, padding_length
padding_length = 8 - ( (payload:len() + 1 + 4 ) % 8 )
packet_length = payload:len() + padding_length + 1
return bin.pack( ">IcAA", packet_length, padding_length, payload, openssl.rand_pseudo_bytes( padding_length ) )
end,
payload = function( packet )
local packet_length, padding_length, payload_length, payload, offset
offset, packet_length, padding_length = bin.unpack( ">Ic", packet )
payload_length = packet_length - padding_length - 1
offset, payload = bin.unpack( ">A" .. payload_length, packet, offset )
return payload
end,
dh_gex_request = function( min, opt, max )
return bin.pack( ">cIII", 34, min, opt, max )
end,
kexdh_init = function( e )
return bin.pack( ">cIA", 30, e:num_bytes(), e:to_bin() )
end,
kex_init = function( cookie, options )
options = options or {}
kex_algorithms = "diffie-hellman-group1-sha1"
host_key_algorithms = options['host_key_algorithms'] or "ssh-dss,ssh-rsa"
encryption_algorithms = "aes128-cbc,3des-cbc,blowfish-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr"
mac_algorithms = "hmac-md5,hmac-sha1,hmac-ripemd160"
compression_algorithms = "none"
languages = ""
local payload = bin.pack( ">cAaa", 20, cookie, kex_algorithms, host_key_algorithms )
payload = payload .. bin.pack( ">aa", encryption_algorithms, encryption_algorithms )
payload = payload .. bin.pack( ">aa", mac_algorithms, mac_algorithms )
payload = payload .. bin.pack( ">aa", compression_algorithms, compression_algorithms )
payload = payload .. bin.pack( ">aa", languages, languages )
payload = payload .. bin.pack( ">cI", 0, 0 )
return payload
end
},
fetch_host_key = function( host, port, key_type )
local socket = nmap.new_socket()
local catch = function() socket:close() end
local try = nmap.new_try(catch)
-- oakley group 2 prime taken from rfc 2409
local prime =
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF"
try(socket:connect(host.ip, port.number))
-- fetch banner
try(socket:receive_lines(1))
-- send our banner
try(socket:send("SSH-2.0-Nmap-SSH2-Hostkey\r\n"))
local cookie = openssl.rand_bytes( 16 )
local packet = ssh2.transport.build( ssh2.transport.kex_init( cookie, {host_key_algorithms=key_type} ) )
try(socket:send( packet ))
local kex_init = try(socket:receive_bytes(1))
kex_init = ssh2.transport.payload( kex_init )
-- check for proper msg code
if kex_init:byte(1) ~= 20 then
return
end
local e, g, x, p
-- e = g^x mod p
g = openssl.bignum_dec2bn( "2" )
p = openssl.bignum_hex2bn( prime )
x = openssl.bignum_pseudo_rand( 1024 )
e = openssl.bignum_mod_exp( g, p, x )
-- work around openssl bug dropping connection when highest bit is set (negative numbers not supported)
if e:num_bits() % 8 == 0 then
e:clear_bit( 1023 )
e:set_bit( 1022 )
end
packet = ssh2.transport.build( ssh2.transport.kexdh_init( e ) )
try(socket:send( packet ))
local kexdh_reply = try(socket:receive_bytes(1))
kexdh_reply = ssh2.transport.payload( kexdh_reply )
-- check for proper msg code
if kexdh_reply:byte(1) ~= 31 then
return
end
local public_host_key
_, _, public_host_key = bin.unpack( ">ca", kexdh_reply )
return public_host_key
end
}
action = function(host, port)
local output = ""
local rsa1_key = ssh1.fetch_host_key( host, port )
if rsa1_key then
output = output .. 'rsa1 ' .. rsa1_key.bits .. ' ' .. format_fingerprint( hash.md5( rsa1_key.mod:to_bin() ..
rsa1_key.exp:to_bin() ) )
if nmap.verbosity() > 1 then
output = output .. ' ' .. rsa1_key.exp:to_dec() .. ' ' .. rsa1_key.mod:to_dec()
end
output = output .. '\n'
end
local dsa_key = ssh2.fetch_host_key( host, port, "ssh-dss" )
if dsa_key then
local key_type,p,q,g,y
_, key_type, p, q, g, y = bin.unpack( ">aaaaaa", dsa_key )
output = output .. "ssh-dsa " .. openssl.bignum_bin2bn( p ):num_bits() .. " " .. format_fingerprint( hash.md5(
dsa_key ) )
if nmap.verbosity() > 1 then
output = output .. ' ' .. base64.enc( dsa_key )
end
output = output .. '\n'
end
local rsa_key = ssh2.fetch_host_key( host, port, "ssh-rsa" )
if rsa_key then
local key_type, e, n
_, key_type, e, n = bin.unpack( ">aaa", rsa_key )
output = output .. "ssh-rsa " .. openssl.bignum_bin2bn( n ):num_bits() .. " " .. format_fingerprint( hash.md5(
rsa_key ) )
if nmap.verbosity() > 1 then
output = output .. ' ' .. base64.enc( rsa_key )
end
output = output .. '\n'
end
return output
end
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
- [NSE script] SSH Hostkey(s) SSH1 and SSH2 Sven Klemm (Aug 05)
|
Intro
