ssh_scan 0.0.43 → 0.0.44
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +15 -8
- data/README.md +1 -2
- data/bin/ssh_scan +0 -1
- data/lib/ssh_scan/scan_engine.rb +1 -1
- data/lib/ssh_scan/ssh_fp.rb +30 -20
- data/lib/ssh_scan/target_parser.rb +11 -18
- data/lib/ssh_scan/version.rb +1 -1
- data/lib/string_ext.rb +5 -1
- data/ssh_scan.gemspec +5 -3
- metadata +42 -14
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6174ee5e2ad23ab2ba83ecb51af937fba17db13e8dba7590ccf4b2cdb93c9aa5
|
4
|
+
data.tar.gz: dbad23e44d2f0b06625a8ae62eae20e7a7bc94a0aecadf01d143e0c9c1d4d373
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1acd0b7879e43c38b9ff19487a7a4c4c8e6bb1598a27977dfb13d1c9559d5a222d7cf1a2762325deb29536ce055f6295cbc49382f858f9211639d1de5b0891e9
|
7
|
+
data.tar.gz: 0e880c12f64ece3ba79880f880ff7b7e1fa5b916636518b373bf40985ea4f7be3a3dfca0da9fd1d974364ca26bf8ef52dda798a9357b40f2dc896520cc0ef9b2
|
data/.travis.yml
CHANGED
@@ -11,37 +11,44 @@ matrix:
|
|
11
11
|
- LABEL=unit_tests
|
12
12
|
after_success:
|
13
13
|
- coveralls
|
14
|
-
- rvm: 2.
|
14
|
+
- rvm: 2.6.7
|
15
15
|
env:
|
16
16
|
- LABEL=unit_tests
|
17
|
-
- rvm: 2.
|
17
|
+
- rvm: 2.7.3
|
18
18
|
env:
|
19
19
|
- LABEL=unit_tests
|
20
|
-
- rvm:
|
20
|
+
- rvm: 3.0.1
|
21
21
|
env:
|
22
22
|
- LABEL=unit_tests
|
23
|
-
- rvm: 2.
|
23
|
+
- rvm: 2.6.7
|
24
24
|
env:
|
25
25
|
- LABEL=gem_integration_tests
|
26
26
|
script:
|
27
27
|
- gem install ssh_scan
|
28
28
|
- chmod 755 ./spec/ssh_scan/integration.sh
|
29
29
|
- ./spec/ssh_scan/integration.sh
|
30
|
-
- rvm: 2.
|
30
|
+
- rvm: 2.7.3
|
31
31
|
env:
|
32
32
|
- LABEL=gem_integration_tests
|
33
33
|
script:
|
34
34
|
- gem install ssh_scan
|
35
35
|
- chmod 755 ./spec/ssh_scan/integration.sh
|
36
36
|
- ./spec/ssh_scan/integration.sh
|
37
|
-
- rvm:
|
37
|
+
- rvm: 3.0.1
|
38
|
+
env:
|
39
|
+
- LABEL=gem_integration_tests
|
40
|
+
script:
|
41
|
+
- gem install ssh_scan
|
42
|
+
- chmod 755 ./spec/ssh_scan/integration.sh
|
43
|
+
- ./spec/ssh_scan/integration.sh
|
44
|
+
- rvm: 2.7.3
|
38
45
|
env:
|
39
46
|
- LABEL=src_integration_tests
|
40
47
|
script:
|
41
48
|
- bundle install
|
42
49
|
- chmod 755 ./spec/ssh_scan/integration.sh
|
43
50
|
- ./spec/ssh_scan/integration.sh
|
44
|
-
- rvm:
|
51
|
+
- rvm: 3.0.1
|
45
52
|
env:
|
46
53
|
- LABEL=docker_integration_tests
|
47
54
|
services:
|
@@ -49,7 +56,7 @@ matrix:
|
|
49
56
|
script:
|
50
57
|
- docker build -t mozilla/ssh_scan .
|
51
58
|
- docker run -it mozilla/ssh_scan /app/spec/ssh_scan/integration.sh
|
52
|
-
- rvm:
|
59
|
+
- rvm: 3.0.1
|
53
60
|
env:
|
54
61
|
- LABEL=docker_build_and_push
|
55
62
|
services:
|
data/README.md
CHANGED
@@ -27,7 +27,7 @@ To run from a docker container, type:
|
|
27
27
|
|
28
28
|
```bash
|
29
29
|
docker pull mozilla/ssh_scan
|
30
|
-
docker run -it mozilla/ssh_scan
|
30
|
+
docker run -it mozilla/ssh_scan -t sshscan.rubidus.com
|
31
31
|
```
|
32
32
|
|
33
33
|
To install and run from source, type:
|
@@ -83,7 +83,6 @@ Examples:
|
|
83
83
|
ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml
|
84
84
|
```
|
85
85
|
|
86
|
-
- See here for [example video](https://asciinema.org/a/7pliiw5zqhj7eqvz7q437u6vx)
|
87
86
|
- See here for [example output](https://github.com/mozilla/ssh_scan/blob/master/examples/192.168.1.1.json)
|
88
87
|
- See here for [example policies](https://github.com/mozilla/ssh_scan/blob/master/config/policies)
|
89
88
|
|
data/bin/ssh_scan
CHANGED
data/lib/ssh_scan/scan_engine.rb
CHANGED
@@ -98,7 +98,7 @@ module SSHScan
|
|
98
98
|
target,
|
99
99
|
:port => port,
|
100
100
|
:timeout => timeout,
|
101
|
-
:
|
101
|
+
:verify_host_key => :never
|
102
102
|
)
|
103
103
|
raise SSHScan::Error::ClosedConnection.new if net_ssh_session.closed?
|
104
104
|
auth_session = Net::SSH::Authentication::Session.new(
|
data/lib/ssh_scan/ssh_fp.rb
CHANGED
@@ -22,26 +22,36 @@ module SSHScan
|
|
22
22
|
def query(fqdn)
|
23
23
|
sshfp_records = []
|
24
24
|
|
25
|
-
#
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
25
|
+
# try up to 5 times to resolve ssh_fp's
|
26
|
+
5.times do
|
27
|
+
|
28
|
+
# Reference: https://stackoverflow.com/questions/28867626/how-to-use-resolvdnsresourcegeneric
|
29
|
+
# Note: this includes some fixes too, I'll post a direct link back to the SO article.
|
30
|
+
Resolv::DNS.open do |dns|
|
31
|
+
all_records = dns.getresources(fqdn, Resolv::DNS::Resource::IN::ANY ) rescue nil
|
32
|
+
all_records.each do |rr|
|
33
|
+
if rr.is_a? Resolv::DNS::Resource::Generic then
|
34
|
+
classname = rr.class.name.split('::').last
|
35
|
+
if classname == "Type44_Class1"
|
36
|
+
data = rr.data.bytes
|
37
|
+
algo = data[0].to_s
|
38
|
+
fptype = data[1].to_s
|
39
|
+
fp = data[2..-1]
|
40
|
+
hex = fp.map{|b| b.to_s(16).rjust(2,'0') }.join(':')
|
41
|
+
sshfp_records << {"fptype" => FPTYPE_MAP[fptype.to_i], "algo" => ALGO_MAP[algo.to_i], "hex" => hex}
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
45
|
+
end
|
46
|
+
|
47
|
+
if sshfp_records.any?
|
48
|
+
return sshfp_records.sort_by { |k| k["hex"] }
|
49
|
+
end
|
50
|
+
|
51
|
+
sleep 0.5
|
52
|
+
end
|
53
|
+
|
54
|
+
return sshfp_records
|
45
55
|
end
|
46
56
|
end
|
47
57
|
end
|
@@ -8,7 +8,7 @@ module SSHScan
|
|
8
8
|
# @param ip [String] IP address
|
9
9
|
# @param port [Fixnum] port
|
10
10
|
# @return [Array] array of enumerated addresses
|
11
|
-
def enumerateIPRange(ip,port)
|
11
|
+
def enumerateIPRange(ip,port=nil)
|
12
12
|
if ip.fqdn?
|
13
13
|
if port.nil?
|
14
14
|
socket = ip
|
@@ -17,29 +17,22 @@ module SSHScan
|
|
17
17
|
end
|
18
18
|
return [socket]
|
19
19
|
else
|
20
|
-
if ip.include? "
|
21
|
-
octets = ip.split('.')
|
22
|
-
range = octets.pop.split('-')
|
23
|
-
lower = NetAddr::CIDR.create(octets.join('.') + "." + range[0])
|
24
|
-
upper = NetAddr::CIDR.create(octets.join('.') + "." + range[1])
|
25
|
-
ip_array = NetAddr.range(lower, upper,:Inclusive => true)
|
26
|
-
if !port.nil?
|
27
|
-
ip_array.map! { |i| i.concat(":").concat(port.to_s) }
|
28
|
-
end
|
29
|
-
return ip_array
|
30
|
-
elsif ip.include? "/"
|
20
|
+
if ip.include? "/"
|
31
21
|
begin
|
32
|
-
|
22
|
+
ip_net = NetAddr::IPv4Net.parse(ip)
|
33
23
|
rescue
|
34
24
|
raise ArgumentError, "Invalid target: #{ip}"
|
35
25
|
end
|
36
|
-
|
37
|
-
|
38
|
-
|
26
|
+
|
27
|
+
sock_array = []
|
28
|
+
1.upto(ip_net.len - 2) do |i|
|
29
|
+
sock_array << ip_net.nth(i).to_s
|
30
|
+
end
|
31
|
+
|
39
32
|
if !port.nil?
|
40
|
-
|
33
|
+
sock_array.map! { |i| i.concat(":").concat(port.to_s) }
|
41
34
|
end
|
42
|
-
return
|
35
|
+
return sock_array
|
43
36
|
else
|
44
37
|
if port.nil?
|
45
38
|
socket = ip
|
data/lib/ssh_scan/version.rb
CHANGED
data/lib/string_ext.rb
CHANGED
data/ssh_scan.gemspec
CHANGED
@@ -31,12 +31,14 @@ Gem::Specification.new do |s|
|
|
31
31
|
s.metadata["yard.run"] = "yri" # use "yard" to build full HTML docs
|
32
32
|
|
33
33
|
s.add_dependency('bindata', '2.4.3')
|
34
|
-
s.add_dependency('netaddr', '
|
35
|
-
s.add_dependency('net-ssh', '
|
34
|
+
s.add_dependency('netaddr', '2.0.4')
|
35
|
+
s.add_dependency('net-ssh', '6.0.2')
|
36
|
+
s.add_dependency('ed25519', '1.2.4')
|
37
|
+
s.add_dependency('bcrypt_pbkdf', '1.0.1')
|
36
38
|
s.add_dependency('sshkey')
|
37
39
|
s.add_development_dependency('pry', '0.11.3')
|
38
40
|
s.add_development_dependency('rspec', '3.7.0')
|
39
41
|
s.add_development_dependency('rspec-its', '1.2.0')
|
40
|
-
s.add_development_dependency
|
42
|
+
s.add_development_dependency "rake", ">= 12.3.3"
|
41
43
|
s.add_development_dependency('rubocop')
|
42
44
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ssh_scan
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.44
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Claudius
|
@@ -9,10 +9,10 @@ authors:
|
|
9
9
|
- Harsh Vardhan
|
10
10
|
- Rishabh Saxena
|
11
11
|
- Ashish Gaurav
|
12
|
-
autorequire:
|
12
|
+
autorequire:
|
13
13
|
bindir: bin
|
14
14
|
cert_chain: []
|
15
|
-
date:
|
15
|
+
date: 2021-05-20 00:00:00.000000000 Z
|
16
16
|
dependencies:
|
17
17
|
- !ruby/object:Gem::Dependency
|
18
18
|
name: bindata
|
@@ -34,28 +34,56 @@ dependencies:
|
|
34
34
|
requirements:
|
35
35
|
- - '='
|
36
36
|
- !ruby/object:Gem::Version
|
37
|
-
version:
|
37
|
+
version: 2.0.4
|
38
38
|
type: :runtime
|
39
39
|
prerelease: false
|
40
40
|
version_requirements: !ruby/object:Gem::Requirement
|
41
41
|
requirements:
|
42
42
|
- - '='
|
43
43
|
- !ruby/object:Gem::Version
|
44
|
-
version:
|
44
|
+
version: 2.0.4
|
45
45
|
- !ruby/object:Gem::Dependency
|
46
46
|
name: net-ssh
|
47
47
|
requirement: !ruby/object:Gem::Requirement
|
48
48
|
requirements:
|
49
49
|
- - '='
|
50
50
|
- !ruby/object:Gem::Version
|
51
|
-
version:
|
51
|
+
version: 6.0.2
|
52
52
|
type: :runtime
|
53
53
|
prerelease: false
|
54
54
|
version_requirements: !ruby/object:Gem::Requirement
|
55
55
|
requirements:
|
56
56
|
- - '='
|
57
57
|
- !ruby/object:Gem::Version
|
58
|
-
version:
|
58
|
+
version: 6.0.2
|
59
|
+
- !ruby/object:Gem::Dependency
|
60
|
+
name: ed25519
|
61
|
+
requirement: !ruby/object:Gem::Requirement
|
62
|
+
requirements:
|
63
|
+
- - '='
|
64
|
+
- !ruby/object:Gem::Version
|
65
|
+
version: 1.2.4
|
66
|
+
type: :runtime
|
67
|
+
prerelease: false
|
68
|
+
version_requirements: !ruby/object:Gem::Requirement
|
69
|
+
requirements:
|
70
|
+
- - '='
|
71
|
+
- !ruby/object:Gem::Version
|
72
|
+
version: 1.2.4
|
73
|
+
- !ruby/object:Gem::Dependency
|
74
|
+
name: bcrypt_pbkdf
|
75
|
+
requirement: !ruby/object:Gem::Requirement
|
76
|
+
requirements:
|
77
|
+
- - '='
|
78
|
+
- !ruby/object:Gem::Version
|
79
|
+
version: 1.0.1
|
80
|
+
type: :runtime
|
81
|
+
prerelease: false
|
82
|
+
version_requirements: !ruby/object:Gem::Requirement
|
83
|
+
requirements:
|
84
|
+
- - '='
|
85
|
+
- !ruby/object:Gem::Version
|
86
|
+
version: 1.0.1
|
59
87
|
- !ruby/object:Gem::Dependency
|
60
88
|
name: sshkey
|
61
89
|
requirement: !ruby/object:Gem::Requirement
|
@@ -116,16 +144,16 @@ dependencies:
|
|
116
144
|
name: rake
|
117
145
|
requirement: !ruby/object:Gem::Requirement
|
118
146
|
requirements:
|
119
|
-
- -
|
147
|
+
- - ">="
|
120
148
|
- !ruby/object:Gem::Version
|
121
|
-
version: 12.3.
|
149
|
+
version: 12.3.3
|
122
150
|
type: :development
|
123
151
|
prerelease: false
|
124
152
|
version_requirements: !ruby/object:Gem::Requirement
|
125
153
|
requirements:
|
126
|
-
- -
|
154
|
+
- - ">="
|
127
155
|
- !ruby/object:Gem::Version
|
128
|
-
version: 12.3.
|
156
|
+
version: 12.3.3
|
129
157
|
- !ruby/object:Gem::Dependency
|
130
158
|
name: rubocop
|
131
159
|
requirement: !ruby/object:Gem::Requirement
|
@@ -219,7 +247,7 @@ licenses:
|
|
219
247
|
- ruby
|
220
248
|
metadata:
|
221
249
|
yard.run: yri
|
222
|
-
post_install_message:
|
250
|
+
post_install_message:
|
223
251
|
rdoc_options: []
|
224
252
|
require_paths:
|
225
253
|
- lib
|
@@ -234,8 +262,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
234
262
|
- !ruby/object:Gem::Version
|
235
263
|
version: '0'
|
236
264
|
requirements: []
|
237
|
-
rubygems_version: 3.
|
238
|
-
signing_key:
|
265
|
+
rubygems_version: 3.2.15
|
266
|
+
signing_key:
|
239
267
|
specification_version: 4
|
240
268
|
summary: Ruby-based SSH Scanner
|
241
269
|
test_files: []
|