ssh_scan 0.0.14 → 0.0.15

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3d541b6a665e8adbd86013e68cea159cb42a514b
-  data.tar.gz: cbbb3ba9b9e169091ca8db560ccfb06780781f39
+  metadata.gz: c5d764d9a2898d145c0f46eee1c59bb0c6e7bcde
+  data.tar.gz: 9bd1e38f1e4c715bf01a9526b85a5cf4d5c7961f
 SHA512:
-  metadata.gz: 70218de598e768b46841299ebe891980ece0080792d2eac5fcf8d879e13c15c841a817bbf148968cf6ec2117d232c80c7f676eada7b1d812014109bfe5b31c34
-  data.tar.gz: e1fe1bdb16ea13623741607d54e3102af8a4e26c0b94adaebbbc90736c5587a3b2b427057e866cf73e3a66ec7cb58c52a67f6f9ec39a196f6e3cd0bb3c35bb95
+  metadata.gz: d9dca78fe553facec68df4241f43ed13537ef08d5b39f9d50ddafa50e97ba0c24d76a836f527c677e7cd90092be970604a3729b0348e06dfd28daefb4aef34b1
+  data.tar.gz: 67329c5b6e9c652b4572c9d1085be7cf220d48cafe19cf4dfa2827d8849ea5e43afcc284f79638cd1fdb03fca79677b1b662c3bef64f61765e4ab51f442475a4

data/.gitignore

@@ -1,5 +1,6 @@
 *.gem
 *.rbc
+*.db
 /.config
 /coverage/
 /InstalledFiles
@@ -34,3 +35,4 @@ build/
 
 # unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
 .rvmrc
+gh-pages/

data/README.md

@@ -59,22 +59,23 @@ bundle install
 
 Run `ssh_scan -h` to get this
 
-    ssh_scan v0.0.10 (https://github.com/mozilla/ssh_scan)
+ssh_scan v0.0.15 (https://github.com/mozilla/ssh_scan)
 
     Usage: ssh_scan [options]
         -t, --target [IP/Range/Hostname] IP/Ranges/Hostname to scan
         -f, --file [FilePath]            File Path of the file containing IP/Range/Hostnames to scan
         -T, --timeout [seconds]          Timeout per connect after which ssh_scan gives up on the host
-        -o, --output [FilePath]          File to write JSON output to
+        -L, --logger [Log File Path]     Enable logger
         -O, --from_json [FilePath]       File to read JSON output from
+        -o, --output [FilePath]          File to write JSON output to
         -p, --port [PORT]                Port (Default: 22)
         -P, --policy [FILE]              Custom policy file (Default: Mozilla Modern)
             --threads [NUMBER]           Number of worker threads (Default: 5)
+            --fingerprint-db [FILE]      File location of fingerprint database (Default: ./fingerprints.db)
         -u, --unit-test [FILE]           Throw appropriate exit codes based on compliance status
+        -V, --verbosity                  Set the logger level (Accepted Params: INFO, DEBUG, WARN, ERROR, FATAL)
         -v, --version                    Display just version info
         -h, --help                       Show this message
-        -L, --logger[Log File Path]      Enable logger and set the log file
-        -V, --verbosity                  Set the logger level (Params: INFO, DEBUG, WARN, ERROR, FATAL)
 
     Examples:
 

data/bin/ssh_scan

@@ -18,6 +18,7 @@ options = {
   :threads => 5,
   :verbosity => nil,
   :logger => Logger.new(STDERR),
+  :fingerprint_database => "./fingerprints.db"
 }
 
 target_parser = SSHScan::TargetParser.new()
@@ -107,13 +108,18 @@ opt_parser = OptionParser.new do |opts|
     options[:threads] = threads.to_i
   end
 
+  opts.on("--fingerprint-db [FILE]",
+          "File location of fingerprint database (Default: ./fingerprints.db)") do |fingerprint_db|
+    options[:fingerprint_database] = fingerprint_db
+  end
+
   opts.on("-u", "--unit-test [FILE]",
           "Throw appropriate exit codes based on compliance status") do
     options[:unit_test] = true
   end
 
   opts.on("-V", "--verbosity",
-          "Set the logger level (Accpeted Params: INFO, DEBUG, WARN, ERROR, FATAL)") do |verbosity|
+          "Set the logger level (Accepted Params: INFO, DEBUG, WARN, ERROR, FATAL)") do |verbosity|
     options[:logger].level = case options[:verbosity]
       when "INFO" then Logger::INFO
       when "DEBUG" then Logger::DEBUG
@@ -183,6 +189,14 @@ unless File.exists?(options[:policy])
   exit 1
 end
 
+# Check to see if we're running the latest released version
+update = SSHScan::Update.new
+if update.newer_gem_available?
+  options[:logger].warn("You're NOT using the latest version of ssh_scan, try 'gem update ssh_scan' to get the latest")
+else
+  options[:logger].info("You're using the latest version of ssh_scan #{SSHScan::VERSION}")
+end
+
 options[:policy_file] = SSHScan::Policy.from_file(options[:policy])
 
 # Perform scan and get results

data/lib/ssh_scan.rb

@@ -11,6 +11,7 @@ require 'ssh_scan/policy_manager'
 require 'ssh_scan/protocol'
 require 'ssh_scan/scan_engine'
 require 'ssh_scan/target_parser'
+require 'ssh_scan/update'
 
 #Monkey Patches
 require 'string_ext'

data/lib/ssh_scan/client.rb

@@ -71,20 +71,32 @@ module SSHScan
       result[:ssh_lib] = @server_banner.ssh_lib_guess.common
       result[:ssh_lib_cpe] = @server_banner.ssh_lib_guess.cpe
 
-      @sock.write(kex_init_raw)
-      resp = @sock.read(4)
+      begin
+        @sock.write(kex_init_raw)
+        resp = @sock.read(4)
 
-      if resp.nil?
-        @error = SSHScan::Error::NoKexResponse.new("service did not respond to our kex init request")
-        @sock = nil
-        return result
-      end
+        if resp.nil?
+          result[:error] = SSHScan::Error::NoKexResponse.new("service did not respond to our kex init request")
+          @sock = nil
+          return result
+        end
 
-      resp += @sock.read(resp.unpack("N").first)
-      @sock.close
+        resp += @sock.read(resp.unpack("N").first)
+        @sock.close
 
-      kex_exchange_init = SSHScan::KeyExchangeInit.read(resp)
-      result.merge!(kex_exchange_init.to_hash)
+        kex_exchange_init = SSHScan::KeyExchangeInit.read(resp)
+        result.merge!(kex_exchange_init.to_hash)
+      rescue Errno::ETIMEDOUT => e
+        @error = SSHScan::Error::ConnectTimeout.new(e.message)
+        @sock = nil
+      rescue Errno::ECONNREFUSED,
+             Errno::ENETUNREACH,
+             Errno::ECONNRESET,
+             Errno::EACCES,
+             Errno::EHOSTUNREACH => e
+        result[:error] = SSHScan::Error::NoKexResponse.new("service did not respond to our kex init request")
+        @sock = nil
+      end
 
       return result
     end

data/lib/ssh_scan/fingerprint_database.rb

@@ -0,0 +1,39 @@
+require 'sqlite3'
+
+module SSHScan
+  class FingerprintDatabase
+    def initialize(database_name)
+      if File.exists?(database_name)
+        @db = ::SQLite3::Database.open(database_name)
+      else
+        @db = ::SQLite3::Database.new(database_name)
+        self.create_schema
+      end
+    end
+
+    def create_schema
+      @db.execute <<-SQL
+        create table fingerprints (
+          fingerprint varchar(100),
+          ip varchar(100)
+        );
+      SQL
+    end
+
+    def clear_fingerprints(ip)
+      @db.execute "delete from fingerprints where ip like ( ? )", [ip]
+    end
+
+    def add_fingerprint(fingerprint, ip)
+      @db.execute "insert into fingerprints values ( ?, ? )", [fingerprint, ip]
+    end
+
+    def find_fingerprints(fingerprint)
+      ips = []
+      @db.execute( "select * from fingerprints where fingerprint like ( ? )", [fingerprint] ) do |row|
+        ips << row[1]
+      end
+      return ips
+    end
+  end
+end

data/lib/ssh_scan/os/ubuntu.rb

@@ -146,7 +146,8 @@ module SSHScan
          "6.6p1-2ubuntu2.2",
          "6.6p1-2ubuntu2",
          "6.6p1-2ubuntu1",
-         "6.2p2-6ubuntu1"],
+         "6.2p2-6ubuntu1",
+         "6.6.1p1 Ubuntu-8"],
        "14.10" => ["6.6p1-5build1"],
        "15.04" =>
         ["6.7p1-5ubuntu1.4",

data/lib/ssh_scan/scan_engine.rb

@@ -1,6 +1,7 @@
 require 'socket'
 require 'ssh_scan/client'
 require 'ssh_scan/crypto'
+require 'ssh_scan/fingerprint_database'
 require 'net/ssh'
 
 module SSHScan
@@ -11,7 +12,6 @@ module SSHScan
       if port.nil?
         port = 22
       end
-      policy = opts[:policy_file]
       timeout = opts[:timeout]
       result = []
 
@@ -46,7 +46,12 @@ module SSHScan
 
       # Connect and get results (Net-SSH)
       begin
-        net_ssh_session = Net::SSH::Transport::Session.new(target, :port => port, :timeout => timeout)
+        net_ssh_session = Net::SSH::Transport::Session.new(
+                            target,
+                            :port => port,
+                            :timeout => timeout,
+                            :paranoid => Net::SSH::Verifiers::Null.new
+                          )
         raise SSHScan::Error::ClosedConnection.new if net_ssh_session.closed?
         auth_session = Net::SSH::Authentication::Session.new(net_ssh_session, :auth_methods => ["none"])
         auth_session.authenticate("none", "test", "test")
@@ -76,25 +81,8 @@ module SSHScan
         end
       end
 
-      # Do this only when no errors were reported
-      if !policy.nil? &&
-         !result[:key_algorithms].nil? &&
-         !result[:server_host_key_algorithms].nil? &&
-         !result[:encryption_algorithms_client_to_server].nil? &&
-         !result[:encryption_algorithms_server_to_client].nil? &&
-         !result[:mac_algorithms_client_to_server].nil? &&
-         !result[:mac_algorithms_server_to_client].nil? &&
-         !result[:compression_algorithms_client_to_server].nil? &&
-         !result[:compression_algorithms_server_to_client].nil? &&
-         !result[:languages_client_to_server].nil? &&
-         !result[:languages_server_to_client].nil?
-        policy_mgr = SSHScan::PolicyManager.new(result, policy)
-        result['compliance'] = policy_mgr.compliance_results
-      end
-
       # Add scan times
       end_time = Time.now
-
       result['start_time'] = start_time.to_s
       result['end_time'] = end_time.to_s
       result['scan_duration_seconds'] = end_time - start_time
@@ -126,6 +114,51 @@ module SSHScan
       end
       workers.map(&:join)
 
+      # Add all the fingerprints to our peristent FingerprintDatabase
+      fingerprint_db = SSHScan::FingerprintDatabase.new(opts[:fingerprint_database])
+      results.each do |result|
+        fingerprint_db.clear_fingerprints(result[:ip])
+        if result['fingerprints']
+          result['fingerprints'].values.each do |fingerprint|
+            fingerprint_db.add_fingerprint(fingerprint, result[:ip])
+          end
+        end
+      end
+
+      # Decorate all the results with duplicate keys
+      results.each do |result|
+        if result['fingerprints']
+          ip = result[:ip]
+          result['duplicate_host_key_ips'] = []
+          result['fingerprints'].values.each do |fingerprint|
+            fingerprint_db.find_fingerprints(fingerprint).each do |other_ip|
+              next if ip == other_ip
+              result['duplicate_host_key_ips'] << other_ip
+            end
+          end
+          result['duplicate_host_key_ips'].uniq!        
+        end
+      end
+
+      # Decorate all the results with compliance information
+      results.each do |result|
+        # Do this only when we have all the information we need
+        if !opts[:policy_file].nil? &&
+           !result[:key_algorithms].nil? &&
+           !result[:server_host_key_algorithms].nil? &&
+           !result[:encryption_algorithms_client_to_server].nil? &&
+           !result[:encryption_algorithms_server_to_client].nil? &&
+           !result[:mac_algorithms_client_to_server].nil? &&
+           !result[:mac_algorithms_server_to_client].nil? &&
+           !result[:compression_algorithms_client_to_server].nil? &&
+           !result[:compression_algorithms_server_to_client].nil? &&
+           !result[:languages_client_to_server].nil? &&
+           !result[:languages_server_to_client].nil?
+          policy_mgr = SSHScan::PolicyManager.new(result, opts[:policy_file])
+          result['compliance'] = policy_mgr.compliance_results
+        end
+      end
+
       return results
     end
   end

data/lib/ssh_scan/update.rb

@@ -0,0 +1,64 @@
+require 'ssh_scan/os'
+require 'ssh_scan/ssh_lib'
+require 'ssh_scan/version'
+require 'net/http'
+
+module SSHScan
+  class Update
+    def next_patch_version(version = SSHScan::VERSION)
+      major, minor, patch = version.split(".")
+      patch_num = patch.to_i
+      patch_num += 1
+
+      return [major, minor, patch_num.to_s].join(".")
+    end
+
+    def next_minor_version(version = SSHScan::VERSION)
+      major, minor, patch = version.split(".")
+      minor_num = minor.to_i
+      minor_num += 1
+
+      return [major, minor_num.to_s, "0"].join(".")
+    end
+
+    def next_major_version(version = SSHScan::VERSION)
+      major, minor, patch = version.split(".")
+      major_num = major.to_i
+      major_num += 1
+
+      return [major_num.to_s, "0", "0"].join(".")
+    end
+
+    def gem_exists?(version = SSHScan::VERSION)
+      uri = URI("https://rubygems.org/gems/ssh_scan/versions/#{version}")
+
+      begin
+        res = Net::HTTP.get_response(uri)
+      rescue
+        return false
+      end
+
+      if res.code != "200"
+        return false
+      else
+        return true
+      end
+    end
+
+    def newer_gem_available?(version = SSHScan::VERSION)
+      if gem_exists?(next_patch_version(version))
+        return true
+      end
+
+      if gem_exists?(next_minor_version(version))
+        return true
+      end
+
+      if gem_exists?(next_major_version(version))
+        return true
+      end
+
+      return false
+    end
+  end
+end

data/lib/ssh_scan/version.rb

@@ -1,3 +1,3 @@
 module SSHScan
-  VERSION = '0.0.14'
+  VERSION = '0.0.15'
 end

data/ssh_scan.gemspec

@@ -29,6 +29,7 @@ Gem::Specification.new do |s|
   s.add_dependency('bindata', '~> 2.0')
   s.add_dependency('netaddr')
   s.add_dependency('net-ssh')
+  s.add_dependency('sqlite3')
   s.add_development_dependency('pry')
   s.add_development_dependency('rspec', '~> 3.0')
   s.add_development_dependency('rspec-its', '~> 1.2')

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ssh_scan
 version: !ruby/object:Gem::Version
-  version: 0.0.14
+  version: 0.0.15
 platform: ruby
 authors:
 - Jonathan Claudius
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-16 00:00:00.000000000 Z
+date: 2016-09-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bindata
@@ -53,6 +53,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +150,7 @@ files:
 - lib/ssh_scan/error/disconnected.rb
 - lib/ssh_scan/error/no_banner.rb
 - lib/ssh_scan/error/no_kex_response.rb
+- lib/ssh_scan/fingerprint_database.rb
 - lib/ssh_scan/os.rb
 - lib/ssh_scan/os/centos.rb
 - lib/ssh_scan/os/cisco.rb
@@ -160,6 +175,7 @@ files:
 - lib/ssh_scan/ssh_lib/rosssh.rb
 - lib/ssh_scan/ssh_lib/unknown.rb
 - lib/ssh_scan/target_parser.rb
+- lib/ssh_scan/update.rb
 - lib/ssh_scan/version.rb
 - lib/string_ext.rb
 - policies/mozilla_intermediate.yml