ssh_scan 0.0.12 → 0.0.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +5 -0
- data/bin/ssh_scan +45 -9
- data/lib/ssh_scan/banner.rb +17 -1
- data/lib/ssh_scan/client.rb +33 -10
- data/lib/ssh_scan/error.rb +2 -0
- data/lib/ssh_scan/error/no_banner.rb +12 -0
- data/lib/ssh_scan/error/no_kex_response.rb +12 -0
- data/lib/ssh_scan/os.rb +3 -0
- data/lib/ssh_scan/os/centos.rb +4 -0
- data/lib/ssh_scan/os/cisco.rb +17 -0
- data/lib/ssh_scan/os/debian.rb +4 -0
- data/lib/ssh_scan/os/dopra.rb +17 -0
- data/lib/ssh_scan/os/freebsd.rb +4 -0
- data/lib/ssh_scan/os/redhat.rb +4 -0
- data/lib/ssh_scan/os/ros.rb +17 -0
- data/lib/ssh_scan/os/ubuntu.rb +1 -1
- data/lib/ssh_scan/os/unknown.rb +4 -0
- data/lib/ssh_scan/os/windows.rb +4 -0
- data/lib/ssh_scan/policy_manager.rb +2 -0
- data/lib/ssh_scan/scan_engine.rb +24 -23
- data/lib/ssh_scan/ssh_lib.rb +4 -0
- data/lib/ssh_scan/ssh_lib/ciscossh.rb +17 -0
- data/lib/ssh_scan/ssh_lib/doprassh.rb +17 -0
- data/lib/ssh_scan/ssh_lib/dropbear.rb +43 -0
- data/lib/ssh_scan/ssh_lib/libssh.rb +4 -0
- data/lib/ssh_scan/ssh_lib/rosssh.rb +17 -0
- data/lib/ssh_scan/ssh_lib/unknown.rb +4 -0
- data/lib/ssh_scan/target_parser.rb +17 -5
- data/lib/ssh_scan/version.rb +1 -1
- metadata +11 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 33f1febf216b8836861940688f4da101debe78cc
|
4
|
+
data.tar.gz: 2b0661596cfd440cbb46c7abac8b3de76443b906
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ddd8614a94d51f8e0f77c1c82fff0a480634de65a35f6fb30b1969282c81f1b9c035649e47d66f717421f34c6257364cbb77327cbe8495cbd27ea65dd9fa74ea
|
7
|
+
data.tar.gz: 4cffdf417580c5e11dc7b7e6b7ad17e6014c0cc31f02728728e9f317ecec0d295cb7f46f1045b4fac0b5c0c38a59062f0e441bbbf851a1c88c39be9f18eb3ade
|
data/README.md
CHANGED
@@ -3,6 +3,8 @@
|
|
3
3
|
[![Build Status](https://secure.travis-ci.org/mozilla/ssh_scan.png)](http://travis-ci.org/mozilla/ssh_scan)
|
4
4
|
[![Code Climate](https://codeclimate.com/github/mozilla/ssh_scan.png)](https://codeclimate.com/github/mozilla/ssh_scan)
|
5
5
|
[![Gem Version](https://badge.fury.io/rb/ssh_scan.svg)](https://badge.fury.io/rb/ssh_scan)
|
6
|
+
[![Join the chat at https://gitter.im/mozilla-ssh_scan/Lobby](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/mozilla-ssh_scan/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
7
|
+
|
6
8
|
|
7
9
|
A SSH configuration and policy scanner
|
8
10
|
|
@@ -71,6 +73,8 @@ Run `ssh_scan -h` to get this
|
|
71
73
|
-u, --unit-test [FILE] Throw appropriate exit codes based on compliance status
|
72
74
|
-v, --version Display just version info
|
73
75
|
-h, --help Show this message
|
76
|
+
-L, --logger[Log File Path] Enable logger and set the log file
|
77
|
+
-V, --verbosity Set the logger level (Params: INFO, DEBUG, WARN, ERROR, FATAL)
|
74
78
|
|
75
79
|
Examples:
|
76
80
|
|
@@ -82,6 +86,7 @@ Run `ssh_scan -h` to get this
|
|
82
86
|
ssh_scan -o output.json
|
83
87
|
ssh_scan -O output.json -o rescan_output.json
|
84
88
|
ssh_scan -t 192.168.1.1 -p 22222
|
89
|
+
ssh_scan -t 192.168.1.1 -p 22222 -L output.log -V INFO
|
85
90
|
ssh_scan -t 192.168.1.1 -P custom_policy.yml
|
86
91
|
ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml
|
87
92
|
|
data/bin/ssh_scan
CHANGED
@@ -7,6 +7,7 @@ require 'json'
|
|
7
7
|
require 'netaddr'
|
8
8
|
require 'optparse'
|
9
9
|
require 'ssh_scan'
|
10
|
+
require 'logger'
|
10
11
|
|
11
12
|
#Default options
|
12
13
|
options = {
|
@@ -15,6 +16,8 @@ options = {
|
|
15
16
|
:unit_test => false,
|
16
17
|
:timeout => 2,
|
17
18
|
:threads => 5,
|
19
|
+
:verbosity => nil,
|
20
|
+
:logger => Logger.new(STDERR),
|
18
21
|
}
|
19
22
|
|
20
23
|
target_parser = SSHScan::TargetParser.new()
|
@@ -24,9 +27,10 @@ opt_parser = OptionParser.new do |opts|
|
|
24
27
|
"Usage: ssh_scan [options]"
|
25
28
|
|
26
29
|
opts.on("-t", "--target [IP/Range/Hostname]", Array,
|
27
|
-
"IP/Ranges/Hostname to scan") do |
|
28
|
-
|
29
|
-
|
30
|
+
"IP/Ranges/Hostname to scan") do |sockets|
|
31
|
+
sockets.each do |socket|
|
32
|
+
ip, port = socket.chomp.split(':')
|
33
|
+
options[:sockets] += target_parser.enumerateIPRange(ip, port)
|
30
34
|
end
|
31
35
|
end
|
32
36
|
|
@@ -39,7 +43,6 @@ opt_parser = OptionParser.new do |opts|
|
|
39
43
|
File.open(file).each do |line|
|
40
44
|
line.chomp.split(',').each do |socket|
|
41
45
|
ip, port = socket.chomp.split(':')
|
42
|
-
port = port.nil? ? 22 : port
|
43
46
|
options[:sockets] += target_parser.enumerateIPRange(ip, port)
|
44
47
|
end
|
45
48
|
end
|
@@ -50,6 +53,15 @@ opt_parser = OptionParser.new do |opts|
|
|
50
53
|
options[:timeout] = timeout.to_i
|
51
54
|
end
|
52
55
|
|
56
|
+
opts.on("-L", "--logger [Log File Path]",
|
57
|
+
"Enable logger") do |log_file|
|
58
|
+
if log_file.nil?
|
59
|
+
options[:logger] = Logger.new(STDERR)
|
60
|
+
else
|
61
|
+
options[:logger] = Logger.new $stdout.reopen(log_file, "w")
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
53
65
|
opts.on("-O", "--from_json [FilePath]",
|
54
66
|
"File to read JSON output from") do |file|
|
55
67
|
unless File.exists?(file)
|
@@ -69,11 +81,20 @@ opt_parser = OptionParser.new do |opts|
|
|
69
81
|
$stdout.reopen(file, "w")
|
70
82
|
end
|
71
83
|
|
72
|
-
opts.on("-p", "--port [PORT]",
|
73
|
-
"Port (Default: 22)") do |
|
74
|
-
|
75
|
-
|
76
|
-
|
84
|
+
opts.on("-p", "--port [PORT]", Array,
|
85
|
+
"Port (Default: 22)") do |ports|
|
86
|
+
temp = []
|
87
|
+
options[:sockets].each do |socket|
|
88
|
+
ports.each do |port|
|
89
|
+
ip, old_port = socket.chomp.split(':')
|
90
|
+
if !old_port.nil?
|
91
|
+
puts "Specifying port simultaneously with -t and -p is not allowed. Please fix this and try again"
|
92
|
+
exit 1
|
93
|
+
end
|
94
|
+
temp += target_parser.enumerateIPRange(ip, port)
|
95
|
+
end
|
96
|
+
end
|
97
|
+
options[:sockets] = temp
|
77
98
|
end
|
78
99
|
|
79
100
|
opts.on("-P", "--policy [FILE]",
|
@@ -91,6 +112,20 @@ opt_parser = OptionParser.new do |opts|
|
|
91
112
|
options[:unit_test] = true
|
92
113
|
end
|
93
114
|
|
115
|
+
opts.on("-V", "--verbosity",
|
116
|
+
"Set the logger level (Accpeted Params: INFO, DEBUG, WARN, ERROR, FATAL)") do |verbosity|
|
117
|
+
options[:logger].level = case options[:verbosity]
|
118
|
+
when "INFO" then Logger::INFO
|
119
|
+
when "DEBUG" then Logger::DEBUG
|
120
|
+
when "WARN" then Logger::WARN
|
121
|
+
when "ERROR" then Logger::ERROR
|
122
|
+
when "FATAL" then Logger::FATAL
|
123
|
+
else
|
124
|
+
puts "Can't convert #{options[:verbosity]} to any of the Logger level constants"
|
125
|
+
exit
|
126
|
+
end
|
127
|
+
end
|
128
|
+
|
94
129
|
opts.on("-v", "--version",
|
95
130
|
"Display just version info") do
|
96
131
|
puts SSHScan::VERSION
|
@@ -108,6 +143,7 @@ opt_parser = OptionParser.new do |opts|
|
|
108
143
|
puts " ssh_scan -o output.json"
|
109
144
|
puts " ssh_scan -O output.json -o rescan_output.json"
|
110
145
|
puts " ssh_scan -t 192.168.1.1 -p 22222"
|
146
|
+
puts " ssh_scan -t 192.168.1.1 -p 22222 -L output.log -V INFO"
|
111
147
|
puts " ssh_scan -t 192.168.1.1 -P custom_policy.yml"
|
112
148
|
puts " ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml"
|
113
149
|
puts ""
|
data/lib/ssh_scan/banner.rb
CHANGED
@@ -8,7 +8,7 @@ module SSHScan
|
|
8
8
|
end
|
9
9
|
|
10
10
|
def self.read(string)
|
11
|
-
return SSHScan::Banner.new(string
|
11
|
+
return SSHScan::Banner.new(string)
|
12
12
|
end
|
13
13
|
|
14
14
|
def ssh_version()
|
@@ -25,6 +25,14 @@ module SSHScan
|
|
25
25
|
return SSHScan::SSHLib::OpenSSH.new(@string)
|
26
26
|
when /LibSSH/i
|
27
27
|
return SSHScan::SSHLib::LibSSH.new()
|
28
|
+
when /Cisco/i
|
29
|
+
return SSHScan::SSHLib::CiscoSSH.new()
|
30
|
+
when /ROS/i
|
31
|
+
return SSHScan::SSHLib::ROSSSH.new()
|
32
|
+
when /DOPRASSH/i
|
33
|
+
return SSHScan::SSHLib::DOPRASSH.new()
|
34
|
+
when /dropbear/i
|
35
|
+
return SSHScan::SSHLib::Dropbear.new(@string)
|
28
36
|
else
|
29
37
|
return SSHScan::SSHLib::Unknown.new()
|
30
38
|
end
|
@@ -34,6 +42,8 @@ module SSHScan
|
|
34
42
|
case @string
|
35
43
|
when /Ubuntu/i
|
36
44
|
return SSHScan::OS::Ubuntu.new(@string)
|
45
|
+
when /6.6p1-5build1/i # non-standard Ubuntu release
|
46
|
+
return SSHScan::OS::Ubuntu.new(@string)
|
37
47
|
when /CentOS/i
|
38
48
|
return SSHScan::OS::CentOS.new
|
39
49
|
when /RHEL|RedHat/i
|
@@ -44,6 +54,12 @@ module SSHScan
|
|
44
54
|
return SSHScan::OS::Debian.new
|
45
55
|
when /Windows/i
|
46
56
|
return SSHScan::OS::Windows.new
|
57
|
+
when /Cisco/i
|
58
|
+
return SSHScan::OS::Cisco.new
|
59
|
+
when /ROS/i
|
60
|
+
return SSHScan::OS::ROS.new
|
61
|
+
when /DOPRA/i
|
62
|
+
return SSHScan::OS::DOPRA.new
|
47
63
|
else
|
48
64
|
return SSHScan::OS::Unknown.new
|
49
65
|
end
|
data/lib/ssh_scan/client.rb
CHANGED
@@ -25,10 +25,26 @@ module SSHScan
|
|
25
25
|
rescue Errno::ECONNREFUSED => e
|
26
26
|
@error = SSHScan::Error::ConnectionRefused.new(e.message)
|
27
27
|
@sock = nil
|
28
|
+
rescue Errno::ENETUNREACH => e
|
29
|
+
@error = SSHScan::Error::ConnectionRefused.new(e.message)
|
30
|
+
@sock = nil
|
31
|
+
rescue Errno::EACCES => e
|
32
|
+
@error = SSHScan::Error::ConnectionRefused.new(e.message)
|
33
|
+
@sock = nil
|
34
|
+
rescue Errno::EHOSTUNREACH => e
|
35
|
+
@error = SSHScan::Error::ConnectionRefused.new(e.message)
|
36
|
+
@sock = nil
|
28
37
|
else
|
29
|
-
@raw_server_banner = @sock.gets
|
30
|
-
|
31
|
-
@
|
38
|
+
@raw_server_banner = @sock.gets
|
39
|
+
|
40
|
+
if @raw_server_banner.nil?
|
41
|
+
@error = SSHScan::Error::NoBanner.new("service did not respond with an SSH banner")
|
42
|
+
@sock = nil
|
43
|
+
else
|
44
|
+
@raw_server_banner = @raw_server_banner.chomp
|
45
|
+
@server_banner = SSHScan::Banner.read(@raw_server_banner)
|
46
|
+
@sock.puts(@client_banner.to_s)
|
47
|
+
end
|
32
48
|
end
|
33
49
|
end
|
34
50
|
|
@@ -44,13 +60,6 @@ module SSHScan
|
|
44
60
|
return result
|
45
61
|
end
|
46
62
|
|
47
|
-
@sock.write(kex_init_raw)
|
48
|
-
resp = @sock.read(4)
|
49
|
-
resp += @sock.read(resp.unpack("N").first)
|
50
|
-
@sock.close
|
51
|
-
|
52
|
-
kex_exchange_init = SSHScan::KeyExchangeInit.read(resp)
|
53
|
-
|
54
63
|
# Assemble and print results
|
55
64
|
result[:server_banner] = @server_banner
|
56
65
|
result[:ssh_version] = @server_banner.ssh_version
|
@@ -58,6 +67,20 @@ module SSHScan
|
|
58
67
|
result[:os_cpe] = @server_banner.os_guess.cpe
|
59
68
|
result[:ssh_lib] = @server_banner.ssh_lib_guess.common
|
60
69
|
result[:ssh_lib_cpe] = @server_banner.ssh_lib_guess.cpe
|
70
|
+
|
71
|
+
@sock.write(kex_init_raw)
|
72
|
+
resp = @sock.read(4)
|
73
|
+
|
74
|
+
if resp.nil?
|
75
|
+
@error = SSHScan::Error::NoKexResponse.new("service did not respond to our kex init request")
|
76
|
+
@sock = nil
|
77
|
+
return result
|
78
|
+
end
|
79
|
+
|
80
|
+
resp += @sock.read(resp.unpack("N").first)
|
81
|
+
@sock.close
|
82
|
+
|
83
|
+
kex_exchange_init = SSHScan::KeyExchangeInit.read(resp)
|
61
84
|
result.merge!(kex_exchange_init.to_hash)
|
62
85
|
|
63
86
|
return result
|
data/lib/ssh_scan/error.rb
CHANGED
data/lib/ssh_scan/os.rb
CHANGED
data/lib/ssh_scan/os/centos.rb
CHANGED
data/lib/ssh_scan/os/debian.rb
CHANGED
data/lib/ssh_scan/os/freebsd.rb
CHANGED
data/lib/ssh_scan/os/redhat.rb
CHANGED
data/lib/ssh_scan/os/ubuntu.rb
CHANGED
data/lib/ssh_scan/os/unknown.rb
CHANGED
data/lib/ssh_scan/os/windows.rb
CHANGED
data/lib/ssh_scan/scan_engine.rb
CHANGED
@@ -7,6 +7,9 @@ module SSHScan
|
|
7
7
|
|
8
8
|
def scan_target(socket, opts)
|
9
9
|
target, port = socket.chomp.split(':')
|
10
|
+
if port.nil?
|
11
|
+
port = 22
|
12
|
+
end
|
10
13
|
policy = opts[:policy_file]
|
11
14
|
timeout = opts[:timeout]
|
12
15
|
result = []
|
@@ -48,27 +51,13 @@ module SSHScan
|
|
48
51
|
host_key = net_ssh_session.host_keys.first
|
49
52
|
net_ssh_session.close
|
50
53
|
rescue Net::SSH::ConnectionTimeout => e
|
51
|
-
warn("WARNING: net-ssh timed out attempting to connect to service (fingerprints and auth_methods will not be available)")
|
52
|
-
result['auth_methods'] = []
|
53
|
-
result['fingerprints'] = {}
|
54
54
|
result[:error] = e
|
55
55
|
result[:error] = SSHScan::Error::ConnectTimeout.new(e.message)
|
56
56
|
rescue Net::SSH::Disconnect => e
|
57
|
-
warn("WARNING: net-ssh disconnected unexpectedly (fingerprints and auth_methods will not be available)")
|
58
|
-
result['auth_methods'] = []
|
59
|
-
result['fingerprints'] = {}
|
60
57
|
result[:error] = e
|
61
58
|
result[:error] = SSHScan::Error::Disconnected.new(e.message)
|
62
59
|
rescue Net::SSH::Exception => e
|
63
|
-
if e.to_s.match(/could not settle on
|
64
|
-
warn("WARNING: net-ssh could not find a mutually acceptable encryption algorithm (fingerprints and auth_methods will not be available)")
|
65
|
-
result['auth_methods'] = []
|
66
|
-
result['fingerprints'] = {}
|
67
|
-
result[:error] = e
|
68
|
-
elsif e.to_s.match(/could not settle on host_key algorithm/)
|
69
|
-
warn("WARNING: net-ssh could not find a mutually acceptable host_key algorithm (fingerprints and auth_methods will not be available)")
|
70
|
-
result['auth_methods'] = []
|
71
|
-
result['fingerprints'] = {}
|
60
|
+
if e.to_s.match(/could not settle on/)
|
72
61
|
result[:error] = e
|
73
62
|
else
|
74
63
|
raise e
|
@@ -90,22 +79,32 @@ module SSHScan
|
|
90
79
|
"sha1" => fingerprint_sha1,
|
91
80
|
"sha256" => fingerprint_sha256,
|
92
81
|
}
|
93
|
-
# Do this only when no errors were reported
|
94
|
-
unless policy.nil?
|
95
|
-
policy_mgr = SSHScan::PolicyManager.new(result, policy)
|
96
|
-
result['compliance'] = policy_mgr.compliance_results
|
97
|
-
end
|
98
|
-
else
|
99
|
-
warn("WARNING: Host key support for #{host_key.class} is not provided yet (fingerprints will not be available)")
|
100
|
-
result['fingerprints'] = {}
|
101
82
|
end
|
102
83
|
end
|
84
|
+
|
85
|
+
# Do this only when no errors were reported
|
86
|
+
if !policy.nil? &&
|
87
|
+
!result[:key_algorithms].nil? &&
|
88
|
+
!result[:server_host_key_algorithms].nil? &&
|
89
|
+
!result[:encryption_algorithms_client_to_server].nil? &&
|
90
|
+
!result[:encryption_algorithms_server_to_client].nil? &&
|
91
|
+
!result[:mac_algorithms_client_to_server].nil? &&
|
92
|
+
!result[:mac_algorithms_server_to_client].nil? &&
|
93
|
+
!result[:compression_algorithms_client_to_server].nil? &&
|
94
|
+
!result[:compression_algorithms_server_to_client].nil? &&
|
95
|
+
!result[:languages_client_to_server].nil? &&
|
96
|
+
!result[:languages_server_to_client].nil?
|
97
|
+
policy_mgr = SSHScan::PolicyManager.new(result, policy)
|
98
|
+
result['compliance'] = policy_mgr.compliance_results
|
99
|
+
end
|
100
|
+
|
103
101
|
return result
|
104
102
|
end
|
105
103
|
|
106
104
|
def scan(opts)
|
107
105
|
sockets = opts[:sockets]
|
108
106
|
threads = opts[:threads] || 5
|
107
|
+
logger = opts[:logger]
|
109
108
|
|
110
109
|
results = []
|
111
110
|
|
@@ -115,7 +114,9 @@ module SSHScan
|
|
115
114
|
Thread.new do
|
116
115
|
begin
|
117
116
|
while socket = work_queue.pop(true)
|
117
|
+
logger.info("Started ssh_scan of #{socket}")
|
118
118
|
results << scan_target(socket, opts)
|
119
|
+
logger.info("Completed ssh_scan of #{socket}")
|
119
120
|
end
|
120
121
|
rescue ThreadError => e
|
121
122
|
raise e unless e.to_s.match(/queue empty/)
|
data/lib/ssh_scan/ssh_lib.rb
CHANGED
@@ -0,0 +1,43 @@
|
|
1
|
+
module SSHScan
|
2
|
+
module SSHLib
|
3
|
+
class Dropbear
|
4
|
+
class Version
|
5
|
+
def initialize(version_string)
|
6
|
+
if version_string == nil
|
7
|
+
@version_string = "unknown"
|
8
|
+
else
|
9
|
+
@version_string = version_string
|
10
|
+
end
|
11
|
+
end
|
12
|
+
def to_s
|
13
|
+
@version_string
|
14
|
+
end
|
15
|
+
end
|
16
|
+
|
17
|
+
def initialize(banner)
|
18
|
+
@banner = banner
|
19
|
+
@version = Dropbear::Version.new(dropbear_version_guess)
|
20
|
+
end
|
21
|
+
|
22
|
+
def dropbear_version_guess
|
23
|
+
return nil if @banner.nil?
|
24
|
+
match = @banner.match(/SSH-2.0-dropbear_(\d+.\d+(?:.\d)?(?:test(:?\d)?)?)/)
|
25
|
+
return nil if match.nil?
|
26
|
+
return match[1]
|
27
|
+
end
|
28
|
+
|
29
|
+
def common
|
30
|
+
"dropbear"
|
31
|
+
end
|
32
|
+
|
33
|
+
def cpe
|
34
|
+
"o:dropbear:dropbear:#{@version.to_s}"
|
35
|
+
end
|
36
|
+
|
37
|
+
def version
|
38
|
+
@version
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
@@ -3,9 +3,13 @@ require 'string_ext'
|
|
3
3
|
|
4
4
|
module SSHScan
|
5
5
|
class TargetParser
|
6
|
-
def enumerateIPRange(ip,
|
6
|
+
def enumerateIPRange(ip,port)
|
7
7
|
if ip.fqdn?
|
8
|
-
|
8
|
+
if port.nil?
|
9
|
+
socket = ip
|
10
|
+
else
|
11
|
+
socket = ip.concat(":").concat(port.to_s)
|
12
|
+
end
|
9
13
|
return [socket]
|
10
14
|
else
|
11
15
|
if ip.include? "-"
|
@@ -14,17 +18,25 @@ module SSHScan
|
|
14
18
|
lower = NetAddr::CIDR.create(octets.join('.') + "." + range[0])
|
15
19
|
upper = NetAddr::CIDR.create(octets.join('.') + "." + range[1])
|
16
20
|
ip_array = NetAddr.range(lower, upper,:Inclusive => true)
|
17
|
-
|
21
|
+
if !port.nil?
|
22
|
+
ip_array.map! { |ip| ip.concat(":").concat(port.to_s) }
|
23
|
+
end
|
18
24
|
return ip_array
|
19
25
|
elsif ip.include? "/"
|
20
26
|
cidr = NetAddr::CIDR.create(ip)
|
21
27
|
ip_array = cidr.enumerate
|
22
28
|
ip_array.delete(cidr.network)
|
23
29
|
ip_array.delete(cidr.last)
|
24
|
-
|
30
|
+
if !port.nil?
|
31
|
+
ip_array.map! { |ip| ip.concat(":").concat(port.to_s) }
|
32
|
+
end
|
25
33
|
return ip_array
|
26
34
|
else
|
27
|
-
|
35
|
+
if port.nil?
|
36
|
+
socket = ip
|
37
|
+
else
|
38
|
+
socket = ip.concat(":").concat(port.to_s)
|
39
|
+
end
|
28
40
|
return [socket]
|
29
41
|
end
|
30
42
|
end
|
data/lib/ssh_scan/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ssh_scan
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.13
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Claudius
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2016-09-
|
12
|
+
date: 2016-09-07 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bindata
|
@@ -133,11 +133,16 @@ files:
|
|
133
133
|
- lib/ssh_scan/error/connect_timeout.rb
|
134
134
|
- lib/ssh_scan/error/connection_refused.rb
|
135
135
|
- lib/ssh_scan/error/disconnected.rb
|
136
|
+
- lib/ssh_scan/error/no_banner.rb
|
137
|
+
- lib/ssh_scan/error/no_kex_response.rb
|
136
138
|
- lib/ssh_scan/os.rb
|
137
139
|
- lib/ssh_scan/os/centos.rb
|
140
|
+
- lib/ssh_scan/os/cisco.rb
|
138
141
|
- lib/ssh_scan/os/debian.rb
|
142
|
+
- lib/ssh_scan/os/dopra.rb
|
139
143
|
- lib/ssh_scan/os/freebsd.rb
|
140
144
|
- lib/ssh_scan/os/redhat.rb
|
145
|
+
- lib/ssh_scan/os/ros.rb
|
141
146
|
- lib/ssh_scan/os/ubuntu.rb
|
142
147
|
- lib/ssh_scan/os/unknown.rb
|
143
148
|
- lib/ssh_scan/os/windows.rb
|
@@ -146,8 +151,12 @@ files:
|
|
146
151
|
- lib/ssh_scan/protocol.rb
|
147
152
|
- lib/ssh_scan/scan_engine.rb
|
148
153
|
- lib/ssh_scan/ssh_lib.rb
|
154
|
+
- lib/ssh_scan/ssh_lib/ciscossh.rb
|
155
|
+
- lib/ssh_scan/ssh_lib/doprassh.rb
|
156
|
+
- lib/ssh_scan/ssh_lib/dropbear.rb
|
149
157
|
- lib/ssh_scan/ssh_lib/libssh.rb
|
150
158
|
- lib/ssh_scan/ssh_lib/openssh.rb
|
159
|
+
- lib/ssh_scan/ssh_lib/rosssh.rb
|
151
160
|
- lib/ssh_scan/ssh_lib/unknown.rb
|
152
161
|
- lib/ssh_scan/target_parser.rb
|
153
162
|
- lib/ssh_scan/version.rb
|