ssh_scan 0.0.17 → 0.0.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +5 -0
- data/README.md +4 -3
- data/bin/ssh_scan +2 -8
- data/data/README +1 -0
- data/data/ssh-badkeys/LICENSE +22 -0
- data/data/ssh-badkeys/README.md +12 -0
- data/data/ssh-badkeys/authorized/array-networks-vapv-vxag.pub +1 -0
- data/data/ssh-badkeys/authorized/array-networks-vapv-vxag.yml +8 -0
- data/data/ssh-badkeys/authorized/barracuda_load_balancer_vm.pub +1 -0
- data/data/ssh-badkeys/authorized/barracuda_load_balancer_vm.yml +7 -0
- data/data/ssh-badkeys/authorized/ceragon-fibeair-cve-2015-0936.pub +1 -0
- data/data/ssh-badkeys/authorized/ceragon-fibeair-cve-2015-0936.yml +7 -0
- data/data/ssh-badkeys/authorized/f5-bigip-cve-2012-1493.pub +1 -0
- data/data/ssh-badkeys/authorized/f5-bigip-cve-2012-1493.yml +7 -0
- data/data/ssh-badkeys/authorized/loadbalancer.org-enterprise-va.pub +1 -0
- data/data/ssh-badkeys/authorized/loadbalancer.org-enterprise-va.yml +5 -0
- data/data/ssh-badkeys/authorized/monroe-dasdec-cve-2013-0137.pub +1 -0
- data/data/ssh-badkeys/authorized/monroe-dasdec-cve-2013-0137.yml +6 -0
- data/data/ssh-badkeys/authorized/quantum-dxi-v1000.pub +1 -0
- data/data/ssh-badkeys/authorized/quantum-dxi-v1000.yml +5 -0
- data/data/ssh-badkeys/authorized/vagrant-default.pub +1 -0
- data/data/ssh-badkeys/authorized/vagrant-default.yml +5 -0
- data/data/ssh-badkeys/host/Actiontec_q2000_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Actiontec_q2000_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Alice_1121_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Alice_1121_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Comtrend_AR5387UN_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Comtrend_AR5387UN_rsa.yml +4 -0
- data/data/ssh-badkeys/host/EVW3226_rsa.pub +1 -0
- data/data/ssh-badkeys/host/EVW3226_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Huawei_bm626_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Huawei_bm626_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Huawei_bm626_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Huawei_bm626_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Innacomm_w3400v_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Innacomm_w3400v_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Linksys_X1000_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Linksys_X1000_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Moxa_6150_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Moxa_6150_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Moxa_ia240_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Moxa_ia240_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Moxa_ia240_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Moxa_ia240_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Ont_g4020w_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Ont_g4020w_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Pace_V5542_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Pace_V5542_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Quanta_LTE.pub +1 -0
- data/data/ssh-badkeys/host/Quanta_LTE.yml +5 -0
- data/data/ssh-badkeys/host/Sagemcom_2740_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Sagemcom_2740_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Sagemcom_sx682_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Sagemcom_sx682_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Telefonica-de-Espana_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Telefonica-de-Espana_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Tplink_tdw8960n-V1_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Tplink_tdw8960n-V1_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Tplink_w8950n_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Tplink_w8950n_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Tplink_w8950nd_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Tplink_w8950nd_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tdmc500_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tdmc500_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Westermo_MRD310_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Westermo_MRD310_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zhone_6512a1_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zhone_6512a1_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_fsg2200_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_fsg2200_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_p870h_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_p870h_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_sbg3300_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_sbg3300_rsa.yml +4 -0
- data/data/ssh-badkeys/host/advantech_eki_rsa.pub +1 -0
- data/data/ssh-badkeys/host/advantech_eki_rsa.yml +4 -0
- data/data/ssh-badkeys/host/kali-rpi2.pub +1 -0
- data/data/ssh-badkeys/host/kali-rpi2.yml +4 -0
- data/data/ssh-badkeys/host/moovbox_host_dsa.pub +1 -0
- data/data/ssh-badkeys/host/moovbox_host_dsa.yml +4 -0
- data/data/ssh-badkeys/host/moovbox_host_rsa.pub +1 -0
- data/data/ssh-badkeys/host/moovbox_host_rsa.yml +4 -0
- data/data/ssh-badkeys/host/tandberg-vcs.pub +1 -0
- data/data/ssh-badkeys/host/tandberg-vcs.yml +5 -0
- data/data/ssh-badkeys/host/zyxel-q100_rsa.pub +1 -0
- data/data/ssh-badkeys/host/zyxel-q100_rsa.yml +4 -0
- data/data/ssh-badkeys/host/zyxel-vmg1312_rsa.pub +1 -0
- data/data/ssh-badkeys/host/zyxel-vmg1312_rsa.yml +4 -0
- data/lib/ssh_scan.rb +1 -0
- data/lib/ssh_scan/crypto.rb +29 -3
- data/lib/ssh_scan/fingerprint_database.rb +39 -0
- data/lib/ssh_scan/scan_engine.rb +30 -28
- data/lib/ssh_scan/version.rb +1 -1
- data/lib/string_ext.rb +1 -1
- data/ssh_scan.gemspec +3 -0
- metadata +213 -2
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAABBAP1DVzoJocl1kXDgWS7p+obKYrkv0PzfyrtLLWKw+ZEK+703DawjWQ2A5wlRX6wuv8cgUBj9H4VAaUVHO3qCaTMAAAAVAOLUu3B5ClDwieTcsYqmu517ABBXAAAAQQCBN88tBxXECKqROjBK8D+1XJfAI+i+zecEErxL2cVb5nMab2hHZFxytt+6WfQCRqhRWZpwYHG8P7P2qGEeCI2NAAAAQHgb3XCIGBJcuxFJdG29SsUxnve4cXTN9b4SZ8xpIK85chIX9vndVe+egNJgKyr55KtTCpWhY+L8Z6qhlcqUX54=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAOShg6ddwma8BKFgHkuY331UEFrk+5M2Z4tCQzXPQSs38yJl2UenQ0MOyw9d60wdXe3KIB/HqfaIPsTrAPU2RpWpEmqcwhSFdiw6wQwc3gOrz1HitE+BdRkq/lLEPye75mmIJHTCuNgqVqaiBzrJjs6ohejM/m2FUnyJKfxcBWvhAAAAFQDZ0u/mrzJHLDTZGMZx+Us77FIfaQAAAIAuLbLDKEO2OJYkkIpN8+et4YnMma7C2hHanYsme1mXz+s+bcOpuLhlazTyV5N7Clbw8Cs+updPVOFdF0GjZ1oQJTwQNLHlngBYoFnNHC0Npg6n/MD6T4g2hzwdwC60S7NLp8j7CM2ugno6jodssWv7AqY1edbVrmeoXDtyCeKiYAAAAIEAk5ZKDyvACL+aB9yWFtiTu5pP9bi64Mj4kjLf2yg1zM+DKevxHaEE3ZYOJBoyj+Y8HH3DZBPWBIb2KgrEFoitHco+QBm4QaQj3Gfl774zV+wmKAnf2iv4N6Ke/7+v9Ymb2hVAw2G1+bIZlmnuXy7kkWZwmh/3vtvt1VswYvK7p3I=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr9h6zIROyA+A+JgIA+SAWReL9l9HaFSBhJNSW8or4EMzIZz3GrbJVGD5/mJfMRipUfH3Gt5MTPN682n4e/VkqPdsQWwb0RC5bFiMU4KwEZyuYrxBWoQv0UMS7V/EWh4rypLtag99x3Oid5u0uVS/5y06YLV8XpHO9slKRg5qpEgbXAqPo0C/vIImgHUxOOTNg6yOIuRHPqLhUeN03BjLwcgliuMWvUDkNxwf7BhqudQnhmHA6gJAbH9PJn6ECxzTXpHRVtLadYkCwOzq3V4HLAO8FmpzNfvXFBzX3nHeNtCvgqyGgnr9YDosBwYjzubmRKAbePweCDzrii+aRsKlXw==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCKj10BLi11/oSbukFArKJZTXvBvw+AUGfie6fdE7psCNwCLM5bYnJgjQZMP/VOhJkxkA539e2mM4fW9U4ECAUwgvlF9AZGhcmn0kF0jIjMUDgCV8kFIS85OuBU/ayyswdYp6bxp3zn0tGAh0Ty8ikf7CgWU5c+PCbpygbBxMDfZM9P
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwC0frfsMNpuhz4RDjRpzZthkGs1V8X/xjVhvmN4sySasHL9n//sxqTyMdrAWQTVMCauJDJTweWjYRUoHifxifC0P55B3wvqCvr1BPpekNfvjRVZn5/Nm/xVU4i4SFZkHwmufyyzJgSuO9YgMsOYCCe/wve8ulttUrHxHlSfeexnG/A1
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCPP9CoRpVtXwWvZXhqhWNqREIdEcCrtqI+XdVAuMH43MLizZUmIrQHRSTCyEjwTnFJ4FudjL//nkrdPuZVg5dDP4njXb8nxAk6JC3ULDCjLWsCG2vpzaPi3sxGr2H6AFTFNB3H/dyVlLEX6t5tFSboa45SnQF0vz2OE8dugN5qw1+N
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCAnQcDza1fw/2rHrXlxvU7TPhjBTQ2Dxdy3R9jVPfmAf5l1iGq30oSSUeKj67+gExVY0S/3gvrYmR0luAtGC3VYhA686OH7BijWBFbo7fzXZt2L0pMyVnE17+XQj8uEOvuLhmFunfha8jwTD5ei1UVcVt0cBBMAFqO7VUCk5vuA/Id
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCDK/l+dBrBXBwyndkS9Rqs4kekkuz+aRdBqMXOqs1gkroAUsstT6sUrdnRZqUU6jnA3iMTBateRmcfeX2WIMZ24wlbwQK9P20RUomOfMcVEETh/E2AN31vhXHMPiX0WdoawRKR7vAjTuSzPorYj6wvrVROQAoXad2sTKiVZ63JU7Gt
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAMCnIHQ+N8IPqBKYMpYlp/3ax6B37S+o1KL28eUVBS9GtV/+oWBwbXm3RzCnBm33Q0VKpFkbCGzFQoqcX5fhIXIfrjg3mMS+4yNSqFm7v+3kmfyjfwcc2rBJzFWRAFqJboPH2tKtbUXgTI6HpeOsl/3ttj10I76cXce/Y+6XfQYvAAAAFQD8i5x0kBfU8T92AH5r0vH9a3ONuwAAAIAY/Ftc/uo+DLD1ndseaQulRxcdxtBYN6xfdnHGplnDjc4K6CUtKf9mrwCZxCtR1qJmXtAVkas/F4vmvM6nmIAFfnh2UOk+Ov10uc1yWBS9vOQdjsbcx/wrIZzHwCBT7iXN4J3rbVHYyFozjC3TtP6KcBJZolBM9kRfGoyjSeD30wAAAIEAgRZVh7lLwDbGv8sJifQSKwxBpX8r7at6pcbH10BiT23E7CmkH8q0k4oTxilS5cJ1idlml/7mTGz7p6ialNF3QK6tIGQ4BNfh4EOluYHHuw41Twm5/58eVIryd3mhv1Fdf4JkSQQUxrR2oe1HDdJrwmRSFnR6t1ldZvjmV4LtMPQ=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCaX+klFFjH2SREDCqGtja+6IwCYlFK+jF9XxWPEfW5w/fS4D/xQp9uZ/4GayFSDCx2hS7PwJJIJKpm3blG4Nq1hnu8TR7LyMZAFqVF9ezSRNLjEDSiCkucq25xlmX2xgVxw3rvxDkQRIhl38uu4QLy0Vl/f3tEi0+dfEBJEKSLlrR/
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAOCK/1pYo80lhQlKzGupJWL17LGGKVHgVgMWvJQXnEs9fFkchKg+QlcP1LmSns9id3XvdpMNQQIgVo51WydOkUqaB32hC2LgoSlga9fLITlb42l7cnqTcSLuqWRBumgrHZaXRWVdeaybvvRaXtX6n+QL5v0XRrunanXl12EZjIrhAAAAFQC6YX83EiDQ4GtaXOF+MnI3YbCg2wAAAIEA1nvWZphm3lYkE7QlK4CIUSFsZ9tbVqqulXKYqHOeXW9GHsUWiTeacebNzlD+tm3jxR9Fy33LUN/MrjwyneFQz2GJ0453EqEtDIX1/j6fPbKOuxChBmSJ3sGkSTmTJtyIyMcFSIoMdzlf0rufBiX1y7aLtY6MgRGqxqRcn2kqqGIAAACAOjZFfMY+Gd0mUrsdEIkTw3lL6xAf9V7oJ5MJ1eFnS+ekNOGTAFdctfEUYNyKh7WmWwWzfLMg69qNFwtKF0XNVKhgbU6b8RaEC3djkLa0IxmKWDW473xcbP1QprJvRP/kbNl/639xHnpnI3bw3pa7sIJeFCYR3WmEyBmvhawlJy8=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCAmPVBs6DX2/2G6NcLwFI6jP055kbQzxGNNaYngPhR3TT9MMiGnR2waCQYrZq0n7D+RKu9tEiYU05tPiaMqm5z4qHq2OePKIL4jFhcTJk8p0yz1IpPp9FJjvZ6Daw4Mvr+r+RNNnSTn7Iq7bIxWyNgXnQc7Lx7IPmm8JDqskFEtOC7
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAKuPfWJqwzTz+kimeS+fI3E76N/v6EnneT0tYsLNuXmIF2zmibEYYpt5OOe9wm/VPEx0cGTeVKcO1niCyjppLvh5CN2LRIUGAgoLwLi5y+mI1IqgsB2j2Bfh6MFBmwpt1PEka6sllQXq+srYpjXzzg9hnKT+F2TdwNBfKplpfjtbAAAAFQChBYZ8thdbHU2Rk+59kH48A45ZMwAAAIB24M4fNZ3rg8j+HlJTmsqslml8zLfjNY015AypVHefMBe4dcLH670Rl0rg53TyDe97HBFJGJucNYwqfjs2kg89MU7rhkVGf6GZ9yDSsIfp6gYtaLLgmIYwQ7ATroUyi1RyL9IDhRMMLAx38FJidOqoHdQeBpFh6IqFhj5jV27x9AAAAIA1yGK6T8kyCmBVyKwpg6EANkjRWuCoWRIfXCUQn7c/rphQousclvk1R4T85MUbzarkdrY4F0/wdDrATLh2mwXZcopn6AFcZo/8zFBfTlo/4wwvfo2D5CKOz9MunCHfwLdZLN9bl9EFm21JzmdMMlldsLiCrgEl2yWIZ2AIrf6G1g==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCmgzZKxvy0Dfv6ZuMhZ4W1mLd3j/ZsxZpsO4j7PMElcAO2pX/9/C5pHGPetNR+koojxatVEJ4cOqY2cCNwneL5Omg37xmFeC4MXmYWFg234R6AotIYCSXjdtwcEkG9D2MdVn3KpQ4cKKojzZnOtj6Mh42F+b0dyDCGX08XRNnBfW5l
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAJQZh8jURDVc+3itozItc5pkRwsmWQkjOjfBTlz5CF8Ap5Z3WUcbme8hgONSWLhzU3Fb+Z4h2cAGpXyF68ZHJSP8xDIFhFB9CjUQq5DQPXp7CH50q6a9llCtT9ERogl2LUMzP0lGsQWBRNfXnobs6b7mSZT50F4Os8ODDkAfg5mrAAAAFQCACqgT7K3gLi7UxioNVqdPCH8ISQAAAIEAiq7iGESZwq1mgVKDXvt62yFMyen1t/NxFGP9wFD9l/h+SWOOJdoPYl8iW85s5JCbn8MadRklAK5nOfzDRJ9BtEK1dBdydIxJFb255EcpFhaaFBss0abRKHtrOIhqWl1tu4sDR5hPedKOEInnf90rZyPQ68YFd4quKuxoOwWTp0YAAACAaIK507b5EkTGobbR8+YjeZkfXVYmfly4zU8IL0LRRbFA0Gs22RziZFQaQM2BhFvAmQihRDXrT3f5lgtKV0wLTti669gFodWCRLLiElTFNLQhw3ABmWBz/jVKn8fb3yNGis7L4e4t2kW4hSe2/uuI1QXhe7wmCnP9wdI2YVQDLHA= bgannon@zaphod
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxS2g8708Gq6FOYCtQk+eag5NmZHkANuBOFcAg6UdnFEJ2Gy4b+JnHnn1LlJ4o0cQ7puPQiYEvtTffH39W3UxW3K7006b6a2NnP9DGq6eVcJT+ji45lBBGSRawfjFSYsmldlU+Y07m8M/jD5Z2QLCrGgOy73GlLwQDlHFPIKoozznJ0Z7mROExxWMSgsHHa0qg9zq40igmIwTQgNvKS4ZEEo9eiYrniLEhLdt2gnoWzOHQ2iJDh1Od3iZUZI0l+kCybG2IkbNASZk/I9gT/+R2PmbXDzsAa1RXEZuGufAIrQUcgpJ7wUzG56jvJPxPdbmlvtUr1Y3ckhEU5m1RCbKaQ== bgannon@zaphod
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCq6dky9ovEf5lAH+DPMUAwB+k511Xvh+zq7YqMCmSIVtx5T1Ieu37ee7LXmbhfBWkvteYR60uAQ7/lYTSlW5uJudSfQgKceQce8s49ZPIS8O8/ByTsnjZu0U+2oivcewhkWA6Dg6lbryDcRijLRUDxE+HY+X16f4Ev301v9YJW8+2z
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1dmgf8O3ujr7JDMwm4hgEHb6V4RrTE/ywzKyyZK0yOqsqxfU3gMA39wVeyvh7AsPs9WGiWItdYN34BPA+jyY63jwZnpvp6udB1NxoNM3b1t8WT5wLrwQLZGDgfCH0aPMLMTcQuUZcf0JQkSvuVRWrsZ6T61m8mBVzK0HewtVVOpzsJc84rW9teWu2sq3FJ/oMC4mnO7GPNOmBr5sQtw7Hwg0XQ6RaOTJNW7ueFy0cMxJqoxb5SLw/VP6F7a0YP8dYWDbCL/KDSZ47TLr529RI+i9v/GoaRtpToIBRFHX9em+R61Mn1Bs+VoNSA+GsQvZ09HvAYuSw0M3QZlPePkCTQ==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCcmuRg2VZUuTGKYUktSrl8OUeqIBjlk7fsb+/I5tRDUzoE80+f8X2kp2bRJVKv5dZJMQuDpyYLkIgWPwDQiBVzBkvtUXAy80k+v9I4s+fQbiPY6VxRzP7yoXHXp6ZwPFuvVVzO9DNNdh3xPPnYsgsB2Z1/YhtaEfghmfU5QUsKABLd
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAIvTKYP7aOy1oBB5XGt1IFA6FhuacI3yfaPOpjgG0QuN9zsnj5mNiDQ06bufvfqBjRcO888TqHjMn5TJZ/4m2JmqivuU9usljV8/cvYsfjbB1BiyYcJCvZHw6rqmiIlJZ9WEUgeMgZkvbwcYjjtoozlNSog7lhRilkRdvzV7Erz/AAAAFQCf2Ff2BTVs5U/FmWuNO/vQiZktoQAAAIA9KOmnOBwDqGLutPBffZ0gbr7AW6b0Cw85anRPKTYYbbmIVWlJBv03YkqDTGKOaPKEWeJ6VxgZU6EzbgK/unODEZMhf1LcsxNt/KHKJfIGw4IT/PWuw1tdk0teHEWtrT1Q3HkFKDioabPNk/IjwMzsbFDVl3vA3znCMksaWtyTzAAAAIBMil3C6dCZZ+dtaD+4LIHXEXTWXljaPYDEljmxS9bTQqkyiHLhTNHEWrT+TLHvnBW9gOK9WRvcb3BZy2d82IyVTFm1uHo4JLAhSK+cAWND7lIWqWHM+znw2saRg/z3FR+aCEVyJZdIfPfmw+/i3s3LkY5SryWB8epg+dzzKPesiw==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwC0GsFKI5kba1u8ofulkTnT9xFUXTGmyXab5C87Cz58l5AxAX6AIyMh28pOgQJaUVko6VUD1U40nA1W3PLuXZ6ADwFwbqUBOUr1PBsLqp10XlZ+X7uI9M1rnRTNczoDiVCOKwdG99NWYjFZ5FHgGmVYSoxZt/WiBWI8XehSnjZXKG4N
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCAiY84QFxmlm5H/HjBPd0R2gzRG5ZoBtquNsKu8s7CO039RvflWtt832UZpQkmm3/TtSpf1fu+caxo25ZOw9VpcUfcRhMTAOIO43jHu0T9ON2XdhU5TGMF+vAMsEGf9TXXDbVfHuKK+ruJ9dFyQYXF4KQasNrVHXQRfY2IFqyn2fxD
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsZRTyCCGw6EZhjGwwNGaZEPEcNGWU614JHTxyrlF06qIwOtPS6VE0orBspbocP9I+G/FEsQbVybr9nNcwYjAyg/fWYmvocBtl06CY9YRu7T/h0rdn6JR0avzXVmP41xRnCDsvC3jPwJDviK+X3D0w3Hz8/MCci28d3I+LHh0fMvHUfG87yGyHEZHoavezectg7+tTNtJ7nff7YA//lV6MEnvQs+zxihB/n1vVOotOgrz9O2D2Rpg0ilY84wne9MAEpQYmMMjCJyiWWE33je+UeI7PIx111LBTcMAMFyP7oHJ0lmIAGcPlzCJRNirqFoBICNDvCt6+/Y5EAHKEs8ANQ== root@EKI-1528
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJi5Xj7tpaMFdvQ5+Xf4Z+o1YVCBWLrHrBBCnj857mo+jAMMx1LM7oDvCmfHTt8Z0zDhZw4VPdvLx8XxVgOPw76d2LspIH3QFY5e4/FemadQVBDy8RU4n5sJpzr4prCxZ7iaPkA7vU8xGj1/O5MlYB1D4txAluTQx/nuZh6QmhdWOS1o6UUS1SRjm1P6Pgo+DOsLs8OMAD1kIcOWVdcgh0vsQ7bf2M4CneQDF5R7ZA2EaHRYhmhhSBKCjuOiBKFHCMmmpG1NquEkvSbfAXLs4Bg+C+FJBlf8gIl9npgm0zF78fzBSDGRCzuDPOfwhbfJKnd3xIWYbemqaA+JhRssbt root@builder
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAN9pseUSSoyLQV8vfZ00HSXGnu9Alw9EmRlsfweUgVPEd9QYzUou4r7gk4wzfUnfILIjK7+4Goa+Z1nKNfoZLtoZjcDPjOWkhS6chbqb2FHeCgaw6MXNrIQS8Wzd57tq7SIpqnF7j+Rd6RIMfQie/i5MMm/eayGtPgH4iPIEWlVdAAAAFQDgE2/rYWWce97Rq7hjj8VLsPkFuQAAAIEAzLtd895znRv1ffhLJL48lXkYI59dbs2oeQE7PgfaEBiL72PiIaBW7OdIJBqSxtE7B9J7IVzCLJpWhmS/JFdzxFpfUc9/r5ypYZGjMhKxM62jnokU5fYDCaM7hXT2PRuFHVylLYzj2S7WDa5H3ix9cIa9V0cxOO0CSq0P4bAHqUYAAACBAJtctAVpawe5um4PdWHm3322Ys/VgUEYUas63FIKkFNAovtQK77RYjsUMhZeOQxZx9d1UKmZlsDy6OEpiLTDaeBe0UMKR2NcaOTLUNYVezK5GmmJ69S1pgHHvfzxEBp8V4Eycm7PrrUlMmpQJtdNFt3GTLLgnmsqPk09tcdKWW2y
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2zjyMtVq4htET2swK7VvJSMD8e92iiFfsS5W5NPv9mpglfR8VN8AKAfcAriRuCiNk9nQ1gtjrOUnrNfLnWaGyEMyzG4EdWzqc/lVCzVp8juk0Qe1TJbOxTFHuG4YBtN23t+BAJgl9xdtx+PjkBeLuYmFo8NHqhznAcdx8xK9iME=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAPe0TXPQpmb6Lv0sizBU2IsK/bws41gi2/C0jBegtmgh10Y+nEplXOgt8rjfXafS0mTaEpvIi67gtm9VAqehma2/4lK1miOP6f4QScQ2vTGF1n5ByRVC8QFFp7WTBDlt5SPz63JI005xETmtMAskKdSZ3YyhbFRmrLBulGl3b3zjAAAAFQDabfcJlLRRWpbkcxtthGIM+yqjnQAAAIAiCBLx0MbN9mKsNDkBLFyeqFXLjA9SPl5vzArlUKf0KkXcSgnt+GbrO5lUrJHcCNyNC/VkvlXJWCc6VOulT3ebenrvW9OzUBTtha72mGvKPAluNKYTXVrBrx+I4KWjBJJUvRzx3pdTphObkU0Y9xkPFZiDLJOldvrh8XyxC830gwAAAIAjxxpAG9jphUvvRVYA+2uUnsN9oy6VHO4Zo4lsAAvkdAS8X/VN/i7+C8xFq6VY0o7qK1gOhibjOIt3nFC38gQYgBRiLQ0Sexm1whS8STsvhqMgQ1196ecB03mVpaMDcteFbBrfRAbwAuOmW2nH9XMBivFuMSNjfs4tyyMimq3ZyQ== hgb@hgbpc
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwC/2TX7O2hT4oCtqtdnNZXeeqXCBSFHkYAWkwB9zA0uDeVxZVdAU25BefZUXExSqVeOw0DrCibrMD8uuPhxC7no2GYR6mKd8p9F0x9xi2UZVYFW5HNIiT01Zj1JDORRwm8FsC3Jd9zpzzHnufBRoOpaaqFdRxS1DpD9Mzd8yCGsnyg1
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwDHY3qOn4zaLIbtc8UpWZTQpCuUXoFTOF7kD5GNOmjb8/wPGuxtvT+tAsUb/2JkJxyl7BnznC/V7pTi9LReZ4hDQPtL0zw+rDEX7c3ZfFlI7cHO/vKwuty5hFj74XdXRjk8/2dKvMNeoK/vN4Jjq8R2GkuSvZWST6MKg65jjzkSkRYl
|
data/lib/ssh_scan.rb
CHANGED
data/lib/ssh_scan/crypto.rb
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
require 'openssl'
|
|
2
|
+
require 'sshkey'
|
|
3
|
+
require 'base64'
|
|
2
4
|
|
|
3
5
|
module SSHScan
|
|
4
6
|
module Crypto
|
|
@@ -7,17 +9,41 @@ module SSHScan
|
|
|
7
9
|
@key = key
|
|
8
10
|
end
|
|
9
11
|
|
|
12
|
+
# Is the current key known to be in our known bad key list
|
|
13
|
+
def bad_key?
|
|
14
|
+
SSHScan::Crypto.bad_public_keys.each do |other_key|
|
|
15
|
+
if self.fingerprint_sha256 == other_key.fingerprint_sha256
|
|
16
|
+
return true
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
return false
|
|
21
|
+
end
|
|
22
|
+
|
|
10
23
|
def fingerprint_md5
|
|
11
|
-
OpenSSL::Digest::MD5.hexdigest(Base64.decode64(@key)).scan(/../).join(':')
|
|
24
|
+
OpenSSL::Digest::MD5.hexdigest(::Base64.decode64(@key)).scan(/../).join(':')
|
|
12
25
|
end
|
|
13
26
|
|
|
14
27
|
def fingerprint_sha1
|
|
15
|
-
OpenSSL::Digest::SHA1.hexdigest(Base64.decode64(@key)).scan(/../).join(':')
|
|
28
|
+
OpenSSL::Digest::SHA1.hexdigest(::Base64.decode64(@key)).scan(/../).join(':')
|
|
16
29
|
end
|
|
17
30
|
|
|
18
31
|
def fingerprint_sha256
|
|
19
|
-
OpenSSL::Digest::SHA256.hexdigest(Base64.decode64(@key)).scan(/../).join(':')
|
|
32
|
+
OpenSSL::Digest::SHA256.hexdigest(::Base64.decode64(@key)).scan(/../).join(':')
|
|
20
33
|
end
|
|
21
34
|
end
|
|
35
|
+
|
|
36
|
+
def self.bad_public_keys
|
|
37
|
+
bad_keys = []
|
|
38
|
+
|
|
39
|
+
Dir.glob("data/ssh-badkeys/host/*.key").each do |file_path|
|
|
40
|
+
file = File.read(File.expand_path(file_path))
|
|
41
|
+
key = SSHKey.new(file)
|
|
42
|
+
bad_keys << SSHScan::Crypto::PublicKey.new(key.ssh_public_key.split[1])
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
return bad_keys
|
|
46
|
+
end
|
|
47
|
+
|
|
22
48
|
end
|
|
23
49
|
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
require 'sqlite3'
|
|
2
|
+
|
|
3
|
+
module SSHScan
|
|
4
|
+
class FingerprintDatabase
|
|
5
|
+
def initialize(database_name)
|
|
6
|
+
if File.exists?(database_name)
|
|
7
|
+
@db = ::SQLite3::Database.open(database_name)
|
|
8
|
+
else
|
|
9
|
+
@db = ::SQLite3::Database.new(database_name)
|
|
10
|
+
self.create_schema
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def create_schema
|
|
15
|
+
@db.execute <<-SQL
|
|
16
|
+
create table fingerprints (
|
|
17
|
+
fingerprint varchar(100),
|
|
18
|
+
ip varchar(100)
|
|
19
|
+
);
|
|
20
|
+
SQL
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def clear_fingerprints(ip)
|
|
24
|
+
@db.execute "delete from fingerprints where ip like ( ? )", [ip]
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def add_fingerprint(fingerprint, ip)
|
|
28
|
+
@db.execute "insert into fingerprints values ( ?, ? )", [fingerprint, ip]
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def find_fingerprints(fingerprint)
|
|
32
|
+
ips = []
|
|
33
|
+
@db.execute( "select * from fingerprints where fingerprint like ( ? )", [fingerprint] ) do |row|
|
|
34
|
+
ips << row[1]
|
|
35
|
+
end
|
|
36
|
+
return ips
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
data/lib/ssh_scan/scan_engine.rb
CHANGED
|
@@ -88,6 +88,7 @@ module SSHScan
|
|
|
88
88
|
pkey = SSHScan::Crypto::PublicKey.new(host_keys[i + 1])
|
|
89
89
|
result['fingerprints'].merge!({
|
|
90
90
|
"dsa" => {
|
|
91
|
+
"known_bad" => pkey.bad_key?.to_s,
|
|
91
92
|
"md5" => pkey.fingerprint_md5,
|
|
92
93
|
"sha1" => pkey.fingerprint_sha1,
|
|
93
94
|
"sha256" => pkey.fingerprint_sha256,
|
|
@@ -99,6 +100,7 @@ module SSHScan
|
|
|
99
100
|
pkey = SSHScan::Crypto::PublicKey.new(host_keys[i + 1])
|
|
100
101
|
result['fingerprints'].merge!({
|
|
101
102
|
"rsa" => {
|
|
103
|
+
"known_bad" => pkey.bad_key?.to_s,
|
|
102
104
|
"md5" => pkey.fingerprint_md5,
|
|
103
105
|
"sha1" => pkey.fingerprint_sha1,
|
|
104
106
|
"sha256" => pkey.fingerprint_sha256,
|
|
@@ -141,36 +143,36 @@ module SSHScan
|
|
|
141
143
|
workers.map(&:join)
|
|
142
144
|
|
|
143
145
|
# Add all the fingerprints to our peristent FingerprintDatabase
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
146
|
+
fingerprint_db = SSHScan::FingerprintDatabase.new(
|
|
147
|
+
opts['fingerprint_database']
|
|
148
|
+
)
|
|
149
|
+
results.each do |result|
|
|
150
|
+
fingerprint_db.clear_fingerprints(result[:ip])
|
|
151
|
+
if result['fingerprints']
|
|
152
|
+
result['fingerprints'].values.each do |host_key_algo|
|
|
153
|
+
host_key_algo.values.each do |fingerprint|
|
|
154
|
+
fingerprint_db.add_fingerprint(fingerprint, result[:ip])
|
|
155
|
+
end
|
|
156
|
+
end
|
|
157
|
+
end
|
|
158
|
+
end
|
|
157
159
|
|
|
158
160
|
# Decorate all the results with duplicate keys
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
161
|
+
results.each do |result|
|
|
162
|
+
if result['fingerprints']
|
|
163
|
+
ip = result[:ip]
|
|
164
|
+
result['duplicate_host_key_ips'] = []
|
|
165
|
+
result['fingerprints'].values.each do |host_key_algo|
|
|
166
|
+
host_key_algo.values.each do |fingerprint|
|
|
167
|
+
fingerprint_db.find_fingerprints(fingerprint).each do |other_ip|
|
|
168
|
+
next if ip == other_ip
|
|
169
|
+
result['duplicate_host_key_ips'] << other_ip
|
|
170
|
+
end
|
|
171
|
+
end
|
|
172
|
+
end
|
|
173
|
+
result['duplicate_host_key_ips'].uniq!
|
|
174
|
+
end
|
|
175
|
+
end
|
|
174
176
|
|
|
175
177
|
# Decorate all the results with compliance information
|
|
176
178
|
results.each do |result|
|