ssh_scan 0.0.43 → 0.0.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +15 -8
- data/README.md +1 -2
- data/bin/ssh_scan +0 -1
- data/lib/ssh_scan/scan_engine.rb +1 -1
- data/lib/ssh_scan/ssh_fp.rb +30 -20
- data/lib/ssh_scan/target_parser.rb +11 -18
- data/lib/ssh_scan/version.rb +1 -1
- data/lib/string_ext.rb +5 -1
- data/ssh_scan.gemspec +5 -3
- metadata +42 -14
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6174ee5e2ad23ab2ba83ecb51af937fba17db13e8dba7590ccf4b2cdb93c9aa5
|
4
|
+
data.tar.gz: dbad23e44d2f0b06625a8ae62eae20e7a7bc94a0aecadf01d143e0c9c1d4d373
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1acd0b7879e43c38b9ff19487a7a4c4c8e6bb1598a27977dfb13d1c9559d5a222d7cf1a2762325deb29536ce055f6295cbc49382f858f9211639d1de5b0891e9
|
7
|
+
data.tar.gz: 0e880c12f64ece3ba79880f880ff7b7e1fa5b916636518b373bf40985ea4f7be3a3dfca0da9fd1d974364ca26bf8ef52dda798a9357b40f2dc896520cc0ef9b2
|
data/.travis.yml
CHANGED
@@ -11,37 +11,44 @@ matrix:
|
|
11
11
|
- LABEL=unit_tests
|
12
12
|
after_success:
|
13
13
|
- coveralls
|
14
|
-
- rvm: 2.
|
14
|
+
- rvm: 2.6.7
|
15
15
|
env:
|
16
16
|
- LABEL=unit_tests
|
17
|
-
- rvm: 2.
|
17
|
+
- rvm: 2.7.3
|
18
18
|
env:
|
19
19
|
- LABEL=unit_tests
|
20
|
-
- rvm:
|
20
|
+
- rvm: 3.0.1
|
21
21
|
env:
|
22
22
|
- LABEL=unit_tests
|
23
|
-
- rvm: 2.
|
23
|
+
- rvm: 2.6.7
|
24
24
|
env:
|
25
25
|
- LABEL=gem_integration_tests
|
26
26
|
script:
|
27
27
|
- gem install ssh_scan
|
28
28
|
- chmod 755 ./spec/ssh_scan/integration.sh
|
29
29
|
- ./spec/ssh_scan/integration.sh
|
30
|
-
- rvm: 2.
|
30
|
+
- rvm: 2.7.3
|
31
31
|
env:
|
32
32
|
- LABEL=gem_integration_tests
|
33
33
|
script:
|
34
34
|
- gem install ssh_scan
|
35
35
|
- chmod 755 ./spec/ssh_scan/integration.sh
|
36
36
|
- ./spec/ssh_scan/integration.sh
|
37
|
-
- rvm:
|
37
|
+
- rvm: 3.0.1
|
38
|
+
env:
|
39
|
+
- LABEL=gem_integration_tests
|
40
|
+
script:
|
41
|
+
- gem install ssh_scan
|
42
|
+
- chmod 755 ./spec/ssh_scan/integration.sh
|
43
|
+
- ./spec/ssh_scan/integration.sh
|
44
|
+
- rvm: 2.7.3
|
38
45
|
env:
|
39
46
|
- LABEL=src_integration_tests
|
40
47
|
script:
|
41
48
|
- bundle install
|
42
49
|
- chmod 755 ./spec/ssh_scan/integration.sh
|
43
50
|
- ./spec/ssh_scan/integration.sh
|
44
|
-
- rvm:
|
51
|
+
- rvm: 3.0.1
|
45
52
|
env:
|
46
53
|
- LABEL=docker_integration_tests
|
47
54
|
services:
|
@@ -49,7 +56,7 @@ matrix:
|
|
49
56
|
script:
|
50
57
|
- docker build -t mozilla/ssh_scan .
|
51
58
|
- docker run -it mozilla/ssh_scan /app/spec/ssh_scan/integration.sh
|
52
|
-
- rvm:
|
59
|
+
- rvm: 3.0.1
|
53
60
|
env:
|
54
61
|
- LABEL=docker_build_and_push
|
55
62
|
services:
|
data/README.md
CHANGED
@@ -27,7 +27,7 @@ To run from a docker container, type:
|
|
27
27
|
|
28
28
|
```bash
|
29
29
|
docker pull mozilla/ssh_scan
|
30
|
-
docker run -it mozilla/ssh_scan
|
30
|
+
docker run -it mozilla/ssh_scan -t sshscan.rubidus.com
|
31
31
|
```
|
32
32
|
|
33
33
|
To install and run from source, type:
|
@@ -83,7 +83,6 @@ Examples:
|
|
83
83
|
ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml
|
84
84
|
```
|
85
85
|
|
86
|
-
- See here for [example video](https://asciinema.org/a/7pliiw5zqhj7eqvz7q437u6vx)
|
87
86
|
- See here for [example output](https://github.com/mozilla/ssh_scan/blob/master/examples/192.168.1.1.json)
|
88
87
|
- See here for [example policies](https://github.com/mozilla/ssh_scan/blob/master/config/policies)
|
89
88
|
|
data/bin/ssh_scan
CHANGED
data/lib/ssh_scan/scan_engine.rb
CHANGED
@@ -98,7 +98,7 @@ module SSHScan
|
|
98
98
|
target,
|
99
99
|
:port => port,
|
100
100
|
:timeout => timeout,
|
101
|
-
:
|
101
|
+
:verify_host_key => :never
|
102
102
|
)
|
103
103
|
raise SSHScan::Error::ClosedConnection.new if net_ssh_session.closed?
|
104
104
|
auth_session = Net::SSH::Authentication::Session.new(
|
data/lib/ssh_scan/ssh_fp.rb
CHANGED
@@ -22,26 +22,36 @@ module SSHScan
|
|
22
22
|
def query(fqdn)
|
23
23
|
sshfp_records = []
|
24
24
|
|
25
|
-
#
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
25
|
+
# try up to 5 times to resolve ssh_fp's
|
26
|
+
5.times do
|
27
|
+
|
28
|
+
# Reference: https://stackoverflow.com/questions/28867626/how-to-use-resolvdnsresourcegeneric
|
29
|
+
# Note: this includes some fixes too, I'll post a direct link back to the SO article.
|
30
|
+
Resolv::DNS.open do |dns|
|
31
|
+
all_records = dns.getresources(fqdn, Resolv::DNS::Resource::IN::ANY ) rescue nil
|
32
|
+
all_records.each do |rr|
|
33
|
+
if rr.is_a? Resolv::DNS::Resource::Generic then
|
34
|
+
classname = rr.class.name.split('::').last
|
35
|
+
if classname == "Type44_Class1"
|
36
|
+
data = rr.data.bytes
|
37
|
+
algo = data[0].to_s
|
38
|
+
fptype = data[1].to_s
|
39
|
+
fp = data[2..-1]
|
40
|
+
hex = fp.map{|b| b.to_s(16).rjust(2,'0') }.join(':')
|
41
|
+
sshfp_records << {"fptype" => FPTYPE_MAP[fptype.to_i], "algo" => ALGO_MAP[algo.to_i], "hex" => hex}
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
if sshfp_records.any?
|
48
|
+
return sshfp_records.sort_by { |k| k["hex"] }
|
49
|
+
end
|
50
|
+
|
51
|
+
sleep 0.5
|
52
|
+
end
|
53
|
+
|
54
|
+
return sshfp_records
|
45
55
|
end
|
46
56
|
end
|
47
57
|
end
|
@@ -8,7 +8,7 @@ module SSHScan
|
|
8
8
|
# @param ip [String] IP address
|
9
9
|
# @param port [Fixnum] port
|
10
10
|
# @return [Array] array of enumerated addresses
|
11
|
-
def enumerateIPRange(ip,port)
|
11
|
+
def enumerateIPRange(ip,port=nil)
|
12
12
|
if ip.fqdn?
|
13
13
|
if port.nil?
|
14
14
|
socket = ip
|
@@ -17,29 +17,22 @@ module SSHScan
|
|
17
17
|
end
|
18
18
|
return [socket]
|
19
19
|
else
|
20
|
-
if ip.include? "
|
21
|
-
octets = ip.split('.')
|
22
|
-
range = octets.pop.split('-')
|
23
|
-
lower = NetAddr::CIDR.create(octets.join('.') + "." + range[0])
|
24
|
-
upper = NetAddr::CIDR.create(octets.join('.') + "." + range[1])
|
25
|
-
ip_array = NetAddr.range(lower, upper,:Inclusive => true)
|
26
|
-
if !port.nil?
|
27
|
-
ip_array.map! { |i| i.concat(":").concat(port.to_s) }
|
28
|
-
end
|
29
|
-
return ip_array
|
30
|
-
elsif ip.include? "/"
|
20
|
+
if ip.include? "/"
|
31
21
|
begin
|
32
|
-
|
22
|
+
ip_net = NetAddr::IPv4Net.parse(ip)
|
33
23
|
rescue
|
34
24
|
raise ArgumentError, "Invalid target: #{ip}"
|
35
25
|
end
|
36
|
-
|
37
|
-
|
38
|
-
|
26
|
+
|
27
|
+
sock_array = []
|
28
|
+
1.upto(ip_net.len - 2) do |i|
|
29
|
+
sock_array << ip_net.nth(i).to_s
|
30
|
+
end
|
31
|
+
|
39
32
|
if !port.nil?
|
40
|
-
|
33
|
+
sock_array.map! { |i| i.concat(":").concat(port.to_s) }
|
41
34
|
end
|
42
|
-
return
|
35
|
+
return sock_array
|
43
36
|
else
|
44
37
|
if port.nil?
|
45
38
|
socket = ip
|
data/lib/ssh_scan/version.rb
CHANGED
data/lib/string_ext.rb
CHANGED
data/ssh_scan.gemspec
CHANGED
@@ -31,12 +31,14 @@ Gem::Specification.new do |s|
|
|
31
31
|
s.metadata["yard.run"] = "yri" # use "yard" to build full HTML docs
|
32
32
|
|
33
33
|
s.add_dependency('bindata', '2.4.3')
|
34
|
-
s.add_dependency('netaddr', '
|
35
|
-
s.add_dependency('net-ssh', '
|
34
|
+
s.add_dependency('netaddr', '2.0.4')
|
35
|
+
s.add_dependency('net-ssh', '6.0.2')
|
36
|
+
s.add_dependency('ed25519', '1.2.4')
|
37
|
+
s.add_dependency('bcrypt_pbkdf', '1.0.1')
|
36
38
|
s.add_dependency('sshkey')
|
37
39
|
s.add_development_dependency('pry', '0.11.3')
|
38
40
|
s.add_development_dependency('rspec', '3.7.0')
|
39
41
|
s.add_development_dependency('rspec-its', '1.2.0')
|
40
|
-
s.add_development_dependency
|
42
|
+
s.add_development_dependency "rake", ">= 12.3.3"
|
41
43
|
s.add_development_dependency('rubocop')
|
42
44
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ssh_scan
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.44
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Claudius
|
@@ -9,10 +9,10 @@ authors:
|
|
9
9
|
- Harsh Vardhan
|
10
10
|
- Rishabh Saxena
|
11
11
|
- Ashish Gaurav
|
12
|
-
autorequire:
|
12
|
+
autorequire:
|
13
13
|
bindir: bin
|
14
14
|
cert_chain: []
|
15
|
-
date:
|
15
|
+
date: 2021-05-20 00:00:00.000000000 Z
|
16
16
|
dependencies:
|
17
17
|
- !ruby/object:Gem::Dependency
|
18
18
|
name: bindata
|
@@ -34,28 +34,56 @@ dependencies:
|
|
34
34
|
requirements:
|
35
35
|
- - '='
|
36
36
|
- !ruby/object:Gem::Version
|
37
|
-
version:
|
37
|
+
version: 2.0.4
|
38
38
|
type: :runtime
|
39
39
|
prerelease: false
|
40
40
|
version_requirements: !ruby/object:Gem::Requirement
|
41
41
|
requirements:
|
42
42
|
- - '='
|
43
43
|
- !ruby/object:Gem::Version
|
44
|
-
version:
|
44
|
+
version: 2.0.4
|
45
45
|
- !ruby/object:Gem::Dependency
|
46
46
|
name: net-ssh
|
47
47
|
requirement: !ruby/object:Gem::Requirement
|
48
48
|
requirements:
|
49
49
|
- - '='
|
50
50
|
- !ruby/object:Gem::Version
|
51
|
-
version:
|
51
|
+
version: 6.0.2
|
52
52
|
type: :runtime
|
53
53
|
prerelease: false
|
54
54
|
version_requirements: !ruby/object:Gem::Requirement
|
55
55
|
requirements:
|
56
56
|
- - '='
|
57
57
|
- !ruby/object:Gem::Version
|
58
|
-
version:
|
58
|
+
version: 6.0.2
|
59
|
+
- !ruby/object:Gem::Dependency
|
60
|
+
name: ed25519
|
61
|
+
requirement: !ruby/object:Gem::Requirement
|
62
|
+
requirements:
|
63
|
+
- - '='
|
64
|
+
- !ruby/object:Gem::Version
|
65
|
+
version: 1.2.4
|
66
|
+
type: :runtime
|
67
|
+
prerelease: false
|
68
|
+
version_requirements: !ruby/object:Gem::Requirement
|
69
|
+
requirements:
|
70
|
+
- - '='
|
71
|
+
- !ruby/object:Gem::Version
|
72
|
+
version: 1.2.4
|
73
|
+
- !ruby/object:Gem::Dependency
|
74
|
+
name: bcrypt_pbkdf
|
75
|
+
requirement: !ruby/object:Gem::Requirement
|
76
|
+
requirements:
|
77
|
+
- - '='
|
78
|
+
- !ruby/object:Gem::Version
|
79
|
+
version: 1.0.1
|
80
|
+
type: :runtime
|
81
|
+
prerelease: false
|
82
|
+
version_requirements: !ruby/object:Gem::Requirement
|
83
|
+
requirements:
|
84
|
+
- - '='
|
85
|
+
- !ruby/object:Gem::Version
|
86
|
+
version: 1.0.1
|
59
87
|
- !ruby/object:Gem::Dependency
|
60
88
|
name: sshkey
|
61
89
|
requirement: !ruby/object:Gem::Requirement
|
@@ -116,16 +144,16 @@ dependencies:
|
|
116
144
|
name: rake
|
117
145
|
requirement: !ruby/object:Gem::Requirement
|
118
146
|
requirements:
|
119
|
-
- -
|
147
|
+
- - ">="
|
120
148
|
- !ruby/object:Gem::Version
|
121
|
-
version: 12.3.
|
149
|
+
version: 12.3.3
|
122
150
|
type: :development
|
123
151
|
prerelease: false
|
124
152
|
version_requirements: !ruby/object:Gem::Requirement
|
125
153
|
requirements:
|
126
|
-
- -
|
154
|
+
- - ">="
|
127
155
|
- !ruby/object:Gem::Version
|
128
|
-
version: 12.3.
|
156
|
+
version: 12.3.3
|
129
157
|
- !ruby/object:Gem::Dependency
|
130
158
|
name: rubocop
|
131
159
|
requirement: !ruby/object:Gem::Requirement
|
@@ -219,7 +247,7 @@ licenses:
|
|
219
247
|
- ruby
|
220
248
|
metadata:
|
221
249
|
yard.run: yri
|
222
|
-
post_install_message:
|
250
|
+
post_install_message:
|
223
251
|
rdoc_options: []
|
224
252
|
require_paths:
|
225
253
|
- lib
|
@@ -234,8 +262,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
234
262
|
- !ruby/object:Gem::Version
|
235
263
|
version: '0'
|
236
264
|
requirements: []
|
237
|
-
rubygems_version: 3.
|
238
|
-
signing_key:
|
265
|
+
rubygems_version: 3.2.15
|
266
|
+
signing_key:
|
239
267
|
specification_version: 4
|
240
268
|
summary: Ruby-based SSH Scanner
|
241
269
|
test_files: []
|