ssh_scan 0.0.17 → 0.0.18
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +5 -0
- data/README.md +4 -3
- data/bin/ssh_scan +2 -8
- data/data/README +1 -0
- data/data/ssh-badkeys/LICENSE +22 -0
- data/data/ssh-badkeys/README.md +12 -0
- data/data/ssh-badkeys/authorized/array-networks-vapv-vxag.pub +1 -0
- data/data/ssh-badkeys/authorized/array-networks-vapv-vxag.yml +8 -0
- data/data/ssh-badkeys/authorized/barracuda_load_balancer_vm.pub +1 -0
- data/data/ssh-badkeys/authorized/barracuda_load_balancer_vm.yml +7 -0
- data/data/ssh-badkeys/authorized/ceragon-fibeair-cve-2015-0936.pub +1 -0
- data/data/ssh-badkeys/authorized/ceragon-fibeair-cve-2015-0936.yml +7 -0
- data/data/ssh-badkeys/authorized/f5-bigip-cve-2012-1493.pub +1 -0
- data/data/ssh-badkeys/authorized/f5-bigip-cve-2012-1493.yml +7 -0
- data/data/ssh-badkeys/authorized/loadbalancer.org-enterprise-va.pub +1 -0
- data/data/ssh-badkeys/authorized/loadbalancer.org-enterprise-va.yml +5 -0
- data/data/ssh-badkeys/authorized/monroe-dasdec-cve-2013-0137.pub +1 -0
- data/data/ssh-badkeys/authorized/monroe-dasdec-cve-2013-0137.yml +6 -0
- data/data/ssh-badkeys/authorized/quantum-dxi-v1000.pub +1 -0
- data/data/ssh-badkeys/authorized/quantum-dxi-v1000.yml +5 -0
- data/data/ssh-badkeys/authorized/vagrant-default.pub +1 -0
- data/data/ssh-badkeys/authorized/vagrant-default.yml +5 -0
- data/data/ssh-badkeys/host/Actiontec_q2000_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Actiontec_q2000_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Alice_1121_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Alice_1121_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_RV315W_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rtp300_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Cisco_rv120w_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Comtrend_AR5387UN_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Comtrend_AR5387UN_rsa.yml +4 -0
- data/data/ssh-badkeys/host/EVW3226_rsa.pub +1 -0
- data/data/ssh-badkeys/host/EVW3226_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Edimax_AR-7167_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Huawei_bm626_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Huawei_bm626_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Huawei_bm626_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Huawei_bm626_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Innacomm_w3400v_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Innacomm_w3400v_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Linksys_X1000_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Linksys_X1000_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Moxa_6150_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Moxa_6150_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Moxa_ia240_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Moxa_ia240_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Moxa_ia240_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Moxa_ia240_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Ont_g4020w_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Ont_g4020w_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Pace_V5542_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Pace_V5542_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Quanta_LTE.pub +1 -0
- data/data/ssh-badkeys/host/Quanta_LTE.yml +5 -0
- data/data/ssh-badkeys/host/Sagemcom_2740_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Sagemcom_2740_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Sagemcom_sx682_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Sagemcom_sx682_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Seagate_GoFlex_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Telefonica-de-Espana_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Telefonica-de-Espana_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Tplink_tdw8960n-V1_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Tplink_tdw8960n-V1_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Tplink_w8950n_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Tplink_w8950n_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Tplink_w8950nd_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Tplink_w8950nd_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tdmc500_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tdmc500_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew715apo_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tew816drm_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Trendnet_tvip310pi_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Westermo_MRD310_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Westermo_MRD310_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zhone_6512a1_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zhone_6512a1_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_fsg2200_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_fsg2200_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_p870h_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_p870h_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_dsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_dsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_pmg1006_rsa.yml +4 -0
- data/data/ssh-badkeys/host/Zyxel_sbg3300_rsa.pub +1 -0
- data/data/ssh-badkeys/host/Zyxel_sbg3300_rsa.yml +4 -0
- data/data/ssh-badkeys/host/advantech_eki_rsa.pub +1 -0
- data/data/ssh-badkeys/host/advantech_eki_rsa.yml +4 -0
- data/data/ssh-badkeys/host/kali-rpi2.pub +1 -0
- data/data/ssh-badkeys/host/kali-rpi2.yml +4 -0
- data/data/ssh-badkeys/host/moovbox_host_dsa.pub +1 -0
- data/data/ssh-badkeys/host/moovbox_host_dsa.yml +4 -0
- data/data/ssh-badkeys/host/moovbox_host_rsa.pub +1 -0
- data/data/ssh-badkeys/host/moovbox_host_rsa.yml +4 -0
- data/data/ssh-badkeys/host/tandberg-vcs.pub +1 -0
- data/data/ssh-badkeys/host/tandberg-vcs.yml +5 -0
- data/data/ssh-badkeys/host/zyxel-q100_rsa.pub +1 -0
- data/data/ssh-badkeys/host/zyxel-q100_rsa.yml +4 -0
- data/data/ssh-badkeys/host/zyxel-vmg1312_rsa.pub +1 -0
- data/data/ssh-badkeys/host/zyxel-vmg1312_rsa.yml +4 -0
- data/lib/ssh_scan.rb +1 -0
- data/lib/ssh_scan/crypto.rb +29 -3
- data/lib/ssh_scan/fingerprint_database.rb +39 -0
- data/lib/ssh_scan/scan_engine.rb +30 -28
- data/lib/ssh_scan/version.rb +1 -1
- data/lib/string_ext.rb +1 -1
- data/ssh_scan.gemspec +3 -0
- metadata +213 -2
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAABBAP1DVzoJocl1kXDgWS7p+obKYrkv0PzfyrtLLWKw+ZEK+703DawjWQ2A5wlRX6wuv8cgUBj9H4VAaUVHO3qCaTMAAAAVAOLUu3B5ClDwieTcsYqmu517ABBXAAAAQQCBN88tBxXECKqROjBK8D+1XJfAI+i+zecEErxL2cVb5nMab2hHZFxytt+6WfQCRqhRWZpwYHG8P7P2qGEeCI2NAAAAQHgb3XCIGBJcuxFJdG29SsUxnve4cXTN9b4SZ8xpIK85chIX9vndVe+egNJgKyr55KtTCpWhY+L8Z6qhlcqUX54=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAOShg6ddwma8BKFgHkuY331UEFrk+5M2Z4tCQzXPQSs38yJl2UenQ0MOyw9d60wdXe3KIB/HqfaIPsTrAPU2RpWpEmqcwhSFdiw6wQwc3gOrz1HitE+BdRkq/lLEPye75mmIJHTCuNgqVqaiBzrJjs6ohejM/m2FUnyJKfxcBWvhAAAAFQDZ0u/mrzJHLDTZGMZx+Us77FIfaQAAAIAuLbLDKEO2OJYkkIpN8+et4YnMma7C2hHanYsme1mXz+s+bcOpuLhlazTyV5N7Clbw8Cs+updPVOFdF0GjZ1oQJTwQNLHlngBYoFnNHC0Npg6n/MD6T4g2hzwdwC60S7NLp8j7CM2ugno6jodssWv7AqY1edbVrmeoXDtyCeKiYAAAAIEAk5ZKDyvACL+aB9yWFtiTu5pP9bi64Mj4kjLf2yg1zM+DKevxHaEE3ZYOJBoyj+Y8HH3DZBPWBIb2KgrEFoitHco+QBm4QaQj3Gfl774zV+wmKAnf2iv4N6Ke/7+v9Ymb2hVAw2G1+bIZlmnuXy7kkWZwmh/3vtvt1VswYvK7p3I=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr9h6zIROyA+A+JgIA+SAWReL9l9HaFSBhJNSW8or4EMzIZz3GrbJVGD5/mJfMRipUfH3Gt5MTPN682n4e/VkqPdsQWwb0RC5bFiMU4KwEZyuYrxBWoQv0UMS7V/EWh4rypLtag99x3Oid5u0uVS/5y06YLV8XpHO9slKRg5qpEgbXAqPo0C/vIImgHUxOOTNg6yOIuRHPqLhUeN03BjLwcgliuMWvUDkNxwf7BhqudQnhmHA6gJAbH9PJn6ECxzTXpHRVtLadYkCwOzq3V4HLAO8FmpzNfvXFBzX3nHeNtCvgqyGgnr9YDosBwYjzubmRKAbePweCDzrii+aRsKlXw==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCKj10BLi11/oSbukFArKJZTXvBvw+AUGfie6fdE7psCNwCLM5bYnJgjQZMP/VOhJkxkA539e2mM4fW9U4ECAUwgvlF9AZGhcmn0kF0jIjMUDgCV8kFIS85OuBU/ayyswdYp6bxp3zn0tGAh0Ty8ikf7CgWU5c+PCbpygbBxMDfZM9P
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwC0frfsMNpuhz4RDjRpzZthkGs1V8X/xjVhvmN4sySasHL9n//sxqTyMdrAWQTVMCauJDJTweWjYRUoHifxifC0P55B3wvqCvr1BPpekNfvjRVZn5/Nm/xVU4i4SFZkHwmufyyzJgSuO9YgMsOYCCe/wve8ulttUrHxHlSfeexnG/A1
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCPP9CoRpVtXwWvZXhqhWNqREIdEcCrtqI+XdVAuMH43MLizZUmIrQHRSTCyEjwTnFJ4FudjL//nkrdPuZVg5dDP4njXb8nxAk6JC3ULDCjLWsCG2vpzaPi3sxGr2H6AFTFNB3H/dyVlLEX6t5tFSboa45SnQF0vz2OE8dugN5qw1+N
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCAnQcDza1fw/2rHrXlxvU7TPhjBTQ2Dxdy3R9jVPfmAf5l1iGq30oSSUeKj67+gExVY0S/3gvrYmR0luAtGC3VYhA686OH7BijWBFbo7fzXZt2L0pMyVnE17+XQj8uEOvuLhmFunfha8jwTD5ei1UVcVt0cBBMAFqO7VUCk5vuA/Id
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCDK/l+dBrBXBwyndkS9Rqs4kekkuz+aRdBqMXOqs1gkroAUsstT6sUrdnRZqUU6jnA3iMTBateRmcfeX2WIMZ24wlbwQK9P20RUomOfMcVEETh/E2AN31vhXHMPiX0WdoawRKR7vAjTuSzPorYj6wvrVROQAoXad2sTKiVZ63JU7Gt
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAMCnIHQ+N8IPqBKYMpYlp/3ax6B37S+o1KL28eUVBS9GtV/+oWBwbXm3RzCnBm33Q0VKpFkbCGzFQoqcX5fhIXIfrjg3mMS+4yNSqFm7v+3kmfyjfwcc2rBJzFWRAFqJboPH2tKtbUXgTI6HpeOsl/3ttj10I76cXce/Y+6XfQYvAAAAFQD8i5x0kBfU8T92AH5r0vH9a3ONuwAAAIAY/Ftc/uo+DLD1ndseaQulRxcdxtBYN6xfdnHGplnDjc4K6CUtKf9mrwCZxCtR1qJmXtAVkas/F4vmvM6nmIAFfnh2UOk+Ov10uc1yWBS9vOQdjsbcx/wrIZzHwCBT7iXN4J3rbVHYyFozjC3TtP6KcBJZolBM9kRfGoyjSeD30wAAAIEAgRZVh7lLwDbGv8sJifQSKwxBpX8r7at6pcbH10BiT23E7CmkH8q0k4oTxilS5cJ1idlml/7mTGz7p6ialNF3QK6tIGQ4BNfh4EOluYHHuw41Twm5/58eVIryd3mhv1Fdf4JkSQQUxrR2oe1HDdJrwmRSFnR6t1ldZvjmV4LtMPQ=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCaX+klFFjH2SREDCqGtja+6IwCYlFK+jF9XxWPEfW5w/fS4D/xQp9uZ/4GayFSDCx2hS7PwJJIJKpm3blG4Nq1hnu8TR7LyMZAFqVF9ezSRNLjEDSiCkucq25xlmX2xgVxw3rvxDkQRIhl38uu4QLy0Vl/f3tEi0+dfEBJEKSLlrR/
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAOCK/1pYo80lhQlKzGupJWL17LGGKVHgVgMWvJQXnEs9fFkchKg+QlcP1LmSns9id3XvdpMNQQIgVo51WydOkUqaB32hC2LgoSlga9fLITlb42l7cnqTcSLuqWRBumgrHZaXRWVdeaybvvRaXtX6n+QL5v0XRrunanXl12EZjIrhAAAAFQC6YX83EiDQ4GtaXOF+MnI3YbCg2wAAAIEA1nvWZphm3lYkE7QlK4CIUSFsZ9tbVqqulXKYqHOeXW9GHsUWiTeacebNzlD+tm3jxR9Fy33LUN/MrjwyneFQz2GJ0453EqEtDIX1/j6fPbKOuxChBmSJ3sGkSTmTJtyIyMcFSIoMdzlf0rufBiX1y7aLtY6MgRGqxqRcn2kqqGIAAACAOjZFfMY+Gd0mUrsdEIkTw3lL6xAf9V7oJ5MJ1eFnS+ekNOGTAFdctfEUYNyKh7WmWwWzfLMg69qNFwtKF0XNVKhgbU6b8RaEC3djkLa0IxmKWDW473xcbP1QprJvRP/kbNl/639xHnpnI3bw3pa7sIJeFCYR3WmEyBmvhawlJy8=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCAmPVBs6DX2/2G6NcLwFI6jP055kbQzxGNNaYngPhR3TT9MMiGnR2waCQYrZq0n7D+RKu9tEiYU05tPiaMqm5z4qHq2OePKIL4jFhcTJk8p0yz1IpPp9FJjvZ6Daw4Mvr+r+RNNnSTn7Iq7bIxWyNgXnQc7Lx7IPmm8JDqskFEtOC7
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAKuPfWJqwzTz+kimeS+fI3E76N/v6EnneT0tYsLNuXmIF2zmibEYYpt5OOe9wm/VPEx0cGTeVKcO1niCyjppLvh5CN2LRIUGAgoLwLi5y+mI1IqgsB2j2Bfh6MFBmwpt1PEka6sllQXq+srYpjXzzg9hnKT+F2TdwNBfKplpfjtbAAAAFQChBYZ8thdbHU2Rk+59kH48A45ZMwAAAIB24M4fNZ3rg8j+HlJTmsqslml8zLfjNY015AypVHefMBe4dcLH670Rl0rg53TyDe97HBFJGJucNYwqfjs2kg89MU7rhkVGf6GZ9yDSsIfp6gYtaLLgmIYwQ7ATroUyi1RyL9IDhRMMLAx38FJidOqoHdQeBpFh6IqFhj5jV27x9AAAAIA1yGK6T8kyCmBVyKwpg6EANkjRWuCoWRIfXCUQn7c/rphQousclvk1R4T85MUbzarkdrY4F0/wdDrATLh2mwXZcopn6AFcZo/8zFBfTlo/4wwvfo2D5CKOz9MunCHfwLdZLN9bl9EFm21JzmdMMlldsLiCrgEl2yWIZ2AIrf6G1g==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCmgzZKxvy0Dfv6ZuMhZ4W1mLd3j/ZsxZpsO4j7PMElcAO2pX/9/C5pHGPetNR+koojxatVEJ4cOqY2cCNwneL5Omg37xmFeC4MXmYWFg234R6AotIYCSXjdtwcEkG9D2MdVn3KpQ4cKKojzZnOtj6Mh42F+b0dyDCGX08XRNnBfW5l
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAJQZh8jURDVc+3itozItc5pkRwsmWQkjOjfBTlz5CF8Ap5Z3WUcbme8hgONSWLhzU3Fb+Z4h2cAGpXyF68ZHJSP8xDIFhFB9CjUQq5DQPXp7CH50q6a9llCtT9ERogl2LUMzP0lGsQWBRNfXnobs6b7mSZT50F4Os8ODDkAfg5mrAAAAFQCACqgT7K3gLi7UxioNVqdPCH8ISQAAAIEAiq7iGESZwq1mgVKDXvt62yFMyen1t/NxFGP9wFD9l/h+SWOOJdoPYl8iW85s5JCbn8MadRklAK5nOfzDRJ9BtEK1dBdydIxJFb255EcpFhaaFBss0abRKHtrOIhqWl1tu4sDR5hPedKOEInnf90rZyPQ68YFd4quKuxoOwWTp0YAAACAaIK507b5EkTGobbR8+YjeZkfXVYmfly4zU8IL0LRRbFA0Gs22RziZFQaQM2BhFvAmQihRDXrT3f5lgtKV0wLTti669gFodWCRLLiElTFNLQhw3ABmWBz/jVKn8fb3yNGis7L4e4t2kW4hSe2/uuI1QXhe7wmCnP9wdI2YVQDLHA= bgannon@zaphod
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxS2g8708Gq6FOYCtQk+eag5NmZHkANuBOFcAg6UdnFEJ2Gy4b+JnHnn1LlJ4o0cQ7puPQiYEvtTffH39W3UxW3K7006b6a2NnP9DGq6eVcJT+ji45lBBGSRawfjFSYsmldlU+Y07m8M/jD5Z2QLCrGgOy73GlLwQDlHFPIKoozznJ0Z7mROExxWMSgsHHa0qg9zq40igmIwTQgNvKS4ZEEo9eiYrniLEhLdt2gnoWzOHQ2iJDh1Od3iZUZI0l+kCybG2IkbNASZk/I9gT/+R2PmbXDzsAa1RXEZuGufAIrQUcgpJ7wUzG56jvJPxPdbmlvtUr1Y3ckhEU5m1RCbKaQ== bgannon@zaphod
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCq6dky9ovEf5lAH+DPMUAwB+k511Xvh+zq7YqMCmSIVtx5T1Ieu37ee7LXmbhfBWkvteYR60uAQ7/lYTSlW5uJudSfQgKceQce8s49ZPIS8O8/ByTsnjZu0U+2oivcewhkWA6Dg6lbryDcRijLRUDxE+HY+X16f4Ev301v9YJW8+2z
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA1dmgf8O3ujr7JDMwm4hgEHb6V4RrTE/ywzKyyZK0yOqsqxfU3gMA39wVeyvh7AsPs9WGiWItdYN34BPA+jyY63jwZnpvp6udB1NxoNM3b1t8WT5wLrwQLZGDgfCH0aPMLMTcQuUZcf0JQkSvuVRWrsZ6T61m8mBVzK0HewtVVOpzsJc84rW9teWu2sq3FJ/oMC4mnO7GPNOmBr5sQtw7Hwg0XQ6RaOTJNW7ueFy0cMxJqoxb5SLw/VP6F7a0YP8dYWDbCL/KDSZ47TLr529RI+i9v/GoaRtpToIBRFHX9em+R61Mn1Bs+VoNSA+GsQvZ09HvAYuSw0M3QZlPePkCTQ==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCcmuRg2VZUuTGKYUktSrl8OUeqIBjlk7fsb+/I5tRDUzoE80+f8X2kp2bRJVKv5dZJMQuDpyYLkIgWPwDQiBVzBkvtUXAy80k+v9I4s+fQbiPY6VxRzP7yoXHXp6ZwPFuvVVzO9DNNdh3xPPnYsgsB2Z1/YhtaEfghmfU5QUsKABLd
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAIvTKYP7aOy1oBB5XGt1IFA6FhuacI3yfaPOpjgG0QuN9zsnj5mNiDQ06bufvfqBjRcO888TqHjMn5TJZ/4m2JmqivuU9usljV8/cvYsfjbB1BiyYcJCvZHw6rqmiIlJZ9WEUgeMgZkvbwcYjjtoozlNSog7lhRilkRdvzV7Erz/AAAAFQCf2Ff2BTVs5U/FmWuNO/vQiZktoQAAAIA9KOmnOBwDqGLutPBffZ0gbr7AW6b0Cw85anRPKTYYbbmIVWlJBv03YkqDTGKOaPKEWeJ6VxgZU6EzbgK/unODEZMhf1LcsxNt/KHKJfIGw4IT/PWuw1tdk0teHEWtrT1Q3HkFKDioabPNk/IjwMzsbFDVl3vA3znCMksaWtyTzAAAAIBMil3C6dCZZ+dtaD+4LIHXEXTWXljaPYDEljmxS9bTQqkyiHLhTNHEWrT+TLHvnBW9gOK9WRvcb3BZy2d82IyVTFm1uHo4JLAhSK+cAWND7lIWqWHM+znw2saRg/z3FR+aCEVyJZdIfPfmw+/i3s3LkY5SryWB8epg+dzzKPesiw==
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwC0GsFKI5kba1u8ofulkTnT9xFUXTGmyXab5C87Cz58l5AxAX6AIyMh28pOgQJaUVko6VUD1U40nA1W3PLuXZ6ADwFwbqUBOUr1PBsLqp10XlZ+X7uI9M1rnRTNczoDiVCOKwdG99NWYjFZ5FHgGmVYSoxZt/WiBWI8XehSnjZXKG4N
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwCAiY84QFxmlm5H/HjBPd0R2gzRG5ZoBtquNsKu8s7CO039RvflWtt832UZpQkmm3/TtSpf1fu+caxo25ZOw9VpcUfcRhMTAOIO43jHu0T9ON2XdhU5TGMF+vAMsEGf9TXXDbVfHuKK+ruJ9dFyQYXF4KQasNrVHXQRfY2IFqyn2fxD
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsZRTyCCGw6EZhjGwwNGaZEPEcNGWU614JHTxyrlF06qIwOtPS6VE0orBspbocP9I+G/FEsQbVybr9nNcwYjAyg/fWYmvocBtl06CY9YRu7T/h0rdn6JR0avzXVmP41xRnCDsvC3jPwJDviK+X3D0w3Hz8/MCci28d3I+LHh0fMvHUfG87yGyHEZHoavezectg7+tTNtJ7nff7YA//lV6MEnvQs+zxihB/n1vVOotOgrz9O2D2Rpg0ilY84wne9MAEpQYmMMjCJyiWWE33je+UeI7PIx111LBTcMAMFyP7oHJ0lmIAGcPlzCJRNirqFoBICNDvCt6+/Y5EAHKEs8ANQ== root@EKI-1528
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJi5Xj7tpaMFdvQ5+Xf4Z+o1YVCBWLrHrBBCnj857mo+jAMMx1LM7oDvCmfHTt8Z0zDhZw4VPdvLx8XxVgOPw76d2LspIH3QFY5e4/FemadQVBDy8RU4n5sJpzr4prCxZ7iaPkA7vU8xGj1/O5MlYB1D4txAluTQx/nuZh6QmhdWOS1o6UUS1SRjm1P6Pgo+DOsLs8OMAD1kIcOWVdcgh0vsQ7bf2M4CneQDF5R7ZA2EaHRYhmhhSBKCjuOiBKFHCMmmpG1NquEkvSbfAXLs4Bg+C+FJBlf8gIl9npgm0zF78fzBSDGRCzuDPOfwhbfJKnd3xIWYbemqaA+JhRssbt root@builder
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAN9pseUSSoyLQV8vfZ00HSXGnu9Alw9EmRlsfweUgVPEd9QYzUou4r7gk4wzfUnfILIjK7+4Goa+Z1nKNfoZLtoZjcDPjOWkhS6chbqb2FHeCgaw6MXNrIQS8Wzd57tq7SIpqnF7j+Rd6RIMfQie/i5MMm/eayGtPgH4iPIEWlVdAAAAFQDgE2/rYWWce97Rq7hjj8VLsPkFuQAAAIEAzLtd895znRv1ffhLJL48lXkYI59dbs2oeQE7PgfaEBiL72PiIaBW7OdIJBqSxtE7B9J7IVzCLJpWhmS/JFdzxFpfUc9/r5ypYZGjMhKxM62jnokU5fYDCaM7hXT2PRuFHVylLYzj2S7WDa5H3ix9cIa9V0cxOO0CSq0P4bAHqUYAAACBAJtctAVpawe5um4PdWHm3322Ys/VgUEYUas63FIKkFNAovtQK77RYjsUMhZeOQxZx9d1UKmZlsDy6OEpiLTDaeBe0UMKR2NcaOTLUNYVezK5GmmJ69S1pgHHvfzxEBp8V4Eycm7PrrUlMmpQJtdNFt3GTLLgnmsqPk09tcdKWW2y
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2zjyMtVq4htET2swK7VvJSMD8e92iiFfsS5W5NPv9mpglfR8VN8AKAfcAriRuCiNk9nQ1gtjrOUnrNfLnWaGyEMyzG4EdWzqc/lVCzVp8juk0Qe1TJbOxTFHuG4YBtN23t+BAJgl9xdtx+PjkBeLuYmFo8NHqhznAcdx8xK9iME=
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-dss AAAAB3NzaC1kc3MAAACBAPe0TXPQpmb6Lv0sizBU2IsK/bws41gi2/C0jBegtmgh10Y+nEplXOgt8rjfXafS0mTaEpvIi67gtm9VAqehma2/4lK1miOP6f4QScQ2vTGF1n5ByRVC8QFFp7WTBDlt5SPz63JI005xETmtMAskKdSZ3YyhbFRmrLBulGl3b3zjAAAAFQDabfcJlLRRWpbkcxtthGIM+yqjnQAAAIAiCBLx0MbN9mKsNDkBLFyeqFXLjA9SPl5vzArlUKf0KkXcSgnt+GbrO5lUrJHcCNyNC/VkvlXJWCc6VOulT3ebenrvW9OzUBTtha72mGvKPAluNKYTXVrBrx+I4KWjBJJUvRzx3pdTphObkU0Y9xkPFZiDLJOldvrh8XyxC830gwAAAIAjxxpAG9jphUvvRVYA+2uUnsN9oy6VHO4Zo4lsAAvkdAS8X/VN/i7+C8xFq6VY0o7qK1gOhibjOIt3nFC38gQYgBRiLQ0Sexm1whS8STsvhqMgQ1196ecB03mVpaMDcteFbBrfRAbwAuOmW2nH9XMBivFuMSNjfs4tyyMimq3ZyQ== hgb@hgbpc
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwC/2TX7O2hT4oCtqtdnNZXeeqXCBSFHkYAWkwB9zA0uDeVxZVdAU25BefZUXExSqVeOw0DrCibrMD8uuPhxC7no2GYR6mKd8p9F0x9xi2UZVYFW5HNIiT01Zj1JDORRwm8FsC3Jd9zpzzHnufBRoOpaaqFdRxS1DpD9Mzd8yCGsnyg1
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgwDHY3qOn4zaLIbtc8UpWZTQpCuUXoFTOF7kD5GNOmjb8/wPGuxtvT+tAsUb/2JkJxyl7BnznC/V7pTi9LReZ4hDQPtL0zw+rDEX7c3ZfFlI7cHO/vKwuty5hFj74XdXRjk8/2dKvMNeoK/vN4Jjq8R2GkuSvZWST6MKg65jjzkSkRYl
|
data/lib/ssh_scan.rb
CHANGED
data/lib/ssh_scan/crypto.rb
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
require 'openssl'
|
|
2
|
+
require 'sshkey'
|
|
3
|
+
require 'base64'
|
|
2
4
|
|
|
3
5
|
module SSHScan
|
|
4
6
|
module Crypto
|
|
@@ -7,17 +9,41 @@ module SSHScan
|
|
|
7
9
|
@key = key
|
|
8
10
|
end
|
|
9
11
|
|
|
12
|
+
# Is the current key known to be in our known bad key list
|
|
13
|
+
def bad_key?
|
|
14
|
+
SSHScan::Crypto.bad_public_keys.each do |other_key|
|
|
15
|
+
if self.fingerprint_sha256 == other_key.fingerprint_sha256
|
|
16
|
+
return true
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
return false
|
|
21
|
+
end
|
|
22
|
+
|
|
10
23
|
def fingerprint_md5
|
|
11
|
-
OpenSSL::Digest::MD5.hexdigest(Base64.decode64(@key)).scan(/../).join(':')
|
|
24
|
+
OpenSSL::Digest::MD5.hexdigest(::Base64.decode64(@key)).scan(/../).join(':')
|
|
12
25
|
end
|
|
13
26
|
|
|
14
27
|
def fingerprint_sha1
|
|
15
|
-
OpenSSL::Digest::SHA1.hexdigest(Base64.decode64(@key)).scan(/../).join(':')
|
|
28
|
+
OpenSSL::Digest::SHA1.hexdigest(::Base64.decode64(@key)).scan(/../).join(':')
|
|
16
29
|
end
|
|
17
30
|
|
|
18
31
|
def fingerprint_sha256
|
|
19
|
-
OpenSSL::Digest::SHA256.hexdigest(Base64.decode64(@key)).scan(/../).join(':')
|
|
32
|
+
OpenSSL::Digest::SHA256.hexdigest(::Base64.decode64(@key)).scan(/../).join(':')
|
|
20
33
|
end
|
|
21
34
|
end
|
|
35
|
+
|
|
36
|
+
def self.bad_public_keys
|
|
37
|
+
bad_keys = []
|
|
38
|
+
|
|
39
|
+
Dir.glob("data/ssh-badkeys/host/*.key").each do |file_path|
|
|
40
|
+
file = File.read(File.expand_path(file_path))
|
|
41
|
+
key = SSHKey.new(file)
|
|
42
|
+
bad_keys << SSHScan::Crypto::PublicKey.new(key.ssh_public_key.split[1])
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
return bad_keys
|
|
46
|
+
end
|
|
47
|
+
|
|
22
48
|
end
|
|
23
49
|
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
require 'sqlite3'
|
|
2
|
+
|
|
3
|
+
module SSHScan
|
|
4
|
+
class FingerprintDatabase
|
|
5
|
+
def initialize(database_name)
|
|
6
|
+
if File.exists?(database_name)
|
|
7
|
+
@db = ::SQLite3::Database.open(database_name)
|
|
8
|
+
else
|
|
9
|
+
@db = ::SQLite3::Database.new(database_name)
|
|
10
|
+
self.create_schema
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def create_schema
|
|
15
|
+
@db.execute <<-SQL
|
|
16
|
+
create table fingerprints (
|
|
17
|
+
fingerprint varchar(100),
|
|
18
|
+
ip varchar(100)
|
|
19
|
+
);
|
|
20
|
+
SQL
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def clear_fingerprints(ip)
|
|
24
|
+
@db.execute "delete from fingerprints where ip like ( ? )", [ip]
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def add_fingerprint(fingerprint, ip)
|
|
28
|
+
@db.execute "insert into fingerprints values ( ?, ? )", [fingerprint, ip]
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def find_fingerprints(fingerprint)
|
|
32
|
+
ips = []
|
|
33
|
+
@db.execute( "select * from fingerprints where fingerprint like ( ? )", [fingerprint] ) do |row|
|
|
34
|
+
ips << row[1]
|
|
35
|
+
end
|
|
36
|
+
return ips
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
data/lib/ssh_scan/scan_engine.rb
CHANGED
|
@@ -88,6 +88,7 @@ module SSHScan
|
|
|
88
88
|
pkey = SSHScan::Crypto::PublicKey.new(host_keys[i + 1])
|
|
89
89
|
result['fingerprints'].merge!({
|
|
90
90
|
"dsa" => {
|
|
91
|
+
"known_bad" => pkey.bad_key?.to_s,
|
|
91
92
|
"md5" => pkey.fingerprint_md5,
|
|
92
93
|
"sha1" => pkey.fingerprint_sha1,
|
|
93
94
|
"sha256" => pkey.fingerprint_sha256,
|
|
@@ -99,6 +100,7 @@ module SSHScan
|
|
|
99
100
|
pkey = SSHScan::Crypto::PublicKey.new(host_keys[i + 1])
|
|
100
101
|
result['fingerprints'].merge!({
|
|
101
102
|
"rsa" => {
|
|
103
|
+
"known_bad" => pkey.bad_key?.to_s,
|
|
102
104
|
"md5" => pkey.fingerprint_md5,
|
|
103
105
|
"sha1" => pkey.fingerprint_sha1,
|
|
104
106
|
"sha256" => pkey.fingerprint_sha256,
|
|
@@ -141,36 +143,36 @@ module SSHScan
|
|
|
141
143
|
workers.map(&:join)
|
|
142
144
|
|
|
143
145
|
# Add all the fingerprints to our peristent FingerprintDatabase
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
146
|
+
fingerprint_db = SSHScan::FingerprintDatabase.new(
|
|
147
|
+
opts['fingerprint_database']
|
|
148
|
+
)
|
|
149
|
+
results.each do |result|
|
|
150
|
+
fingerprint_db.clear_fingerprints(result[:ip])
|
|
151
|
+
if result['fingerprints']
|
|
152
|
+
result['fingerprints'].values.each do |host_key_algo|
|
|
153
|
+
host_key_algo.values.each do |fingerprint|
|
|
154
|
+
fingerprint_db.add_fingerprint(fingerprint, result[:ip])
|
|
155
|
+
end
|
|
156
|
+
end
|
|
157
|
+
end
|
|
158
|
+
end
|
|
157
159
|
|
|
158
160
|
# Decorate all the results with duplicate keys
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
161
|
+
results.each do |result|
|
|
162
|
+
if result['fingerprints']
|
|
163
|
+
ip = result[:ip]
|
|
164
|
+
result['duplicate_host_key_ips'] = []
|
|
165
|
+
result['fingerprints'].values.each do |host_key_algo|
|
|
166
|
+
host_key_algo.values.each do |fingerprint|
|
|
167
|
+
fingerprint_db.find_fingerprints(fingerprint).each do |other_ip|
|
|
168
|
+
next if ip == other_ip
|
|
169
|
+
result['duplicate_host_key_ips'] << other_ip
|
|
170
|
+
end
|
|
171
|
+
end
|
|
172
|
+
end
|
|
173
|
+
result['duplicate_host_key_ips'].uniq!
|
|
174
|
+
end
|
|
175
|
+
end
|
|
174
176
|
|
|
175
177
|
# Decorate all the results with compliance information
|
|
176
178
|
results.each do |result|
|