ssh_scan 0.0.43 → 0.0.44

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 035ffcd050babf1ef147195f6981a84a331e41d6929479a13383692b7148261f
-  data.tar.gz: 5354ffacae2dcf14ecc9a8ebe640baf96cf450ed08ad18dd0fb0bafe818131af
+  metadata.gz: 6174ee5e2ad23ab2ba83ecb51af937fba17db13e8dba7590ccf4b2cdb93c9aa5
+  data.tar.gz: dbad23e44d2f0b06625a8ae62eae20e7a7bc94a0aecadf01d143e0c9c1d4d373
 SHA512:
-  metadata.gz: 8a859e1d12f2c6479f15d8e34a2b71c6d040f6d7913ef7d661209ad902f73b901c2fb79f439656d68e43275b57db41e10a7f9d0aa939404e5978dc2067cde124
-  data.tar.gz: 596a3102e97a68d74ebe0d698eeaef1687229e896a44fd7152241b658d0f7a6b28c5a9dd1b94e31215b52ebf1ad3179b4a0a614f97cfde9b8f4f7b460c9cf714
+  metadata.gz: 1acd0b7879e43c38b9ff19487a7a4c4c8e6bb1598a27977dfb13d1c9559d5a222d7cf1a2762325deb29536ce055f6295cbc49382f858f9211639d1de5b0891e9
+  data.tar.gz: 0e880c12f64ece3ba79880f880ff7b7e1fa5b916636518b373bf40985ea4f7be3a3dfca0da9fd1d974364ca26bf8ef52dda798a9357b40f2dc896520cc0ef9b2

data/.travis.yml

@@ -11,37 +11,44 @@ matrix:
       - LABEL=unit_tests
     after_success:
       - coveralls
-  - rvm: 2.5.1
+  - rvm: 2.6.7
     env:
       - LABEL=unit_tests
-  - rvm: 2.4.4
+  - rvm: 2.7.3
     env:
       - LABEL=unit_tests
-  - rvm: 2.3.6
+  - rvm: 3.0.1
     env:
       - LABEL=unit_tests
-  - rvm: 2.5.1
+  - rvm: 2.6.7
     env:
       - LABEL=gem_integration_tests
     script:
       - gem install ssh_scan
       - chmod 755 ./spec/ssh_scan/integration.sh
       - ./spec/ssh_scan/integration.sh
-  - rvm: 2.4.4
+  - rvm: 2.7.3
     env:
       - LABEL=gem_integration_tests
     script:
       - gem install ssh_scan
       - chmod 755 ./spec/ssh_scan/integration.sh
       - ./spec/ssh_scan/integration.sh
-  - rvm: 2.5.0
+  - rvm: 3.0.1
+    env:
+      - LABEL=gem_integration_tests
+    script:
+      - gem install ssh_scan
+      - chmod 755 ./spec/ssh_scan/integration.sh
+      - ./spec/ssh_scan/integration.sh
+  - rvm: 2.7.3
     env:
       - LABEL=src_integration_tests
     script:
       - bundle install
       - chmod 755 ./spec/ssh_scan/integration.sh
       - ./spec/ssh_scan/integration.sh
-  - rvm: 2.5.0
+  - rvm: 3.0.1
     env:
       - LABEL=docker_integration_tests
     services:
@@ -49,7 +56,7 @@ matrix:
     script:
       - docker build -t mozilla/ssh_scan .
       - docker run -it mozilla/ssh_scan /app/spec/ssh_scan/integration.sh
-  - rvm: 2.5.0
+  - rvm: 3.0.1
     env:
       - LABEL=docker_build_and_push
     services:

data/README.md

@@ -27,7 +27,7 @@ To run from a docker container, type:
 
 ```bash
 docker pull mozilla/ssh_scan
-docker run -it mozilla/ssh_scan /app/bin/ssh_scan -t sshscan.rubidus.com
+docker run -it mozilla/ssh_scan -t sshscan.rubidus.com
 ```
 
 To install and run from source, type:
@@ -83,7 +83,6 @@ Examples:
   ssh_scan -t 192.168.1.1 --unit-test -P custom_policy.yml
 ```
 
-- See here for [example video](https://asciinema.org/a/7pliiw5zqhj7eqvz7q437u6vx)
 - See here for [example output](https://github.com/mozilla/ssh_scan/blob/master/examples/192.168.1.1.json)
 - See here for [example policies](https://github.com/mozilla/ssh_scan/blob/master/config/policies)
 

data/bin/ssh_scan

@@ -4,7 +4,6 @@
 $:.unshift File.join(File.dirname(__FILE__), "../lib")
 
 require 'json'
-require 'netaddr'
 require 'optparse'
 require 'ssh_scan'
 require 'logger'

data/lib/ssh_scan/scan_engine.rb

@@ -98,7 +98,7 @@ module SSHScan
                             target,
                             :port => port,
                             :timeout => timeout,
-                            :paranoid => false
+                            :verify_host_key => :never
                           )
         raise SSHScan::Error::ClosedConnection.new if net_ssh_session.closed?
         auth_session = Net::SSH::Authentication::Session.new(

data/lib/ssh_scan/ssh_fp.rb

@@ -22,26 +22,36 @@ module SSHScan
     def query(fqdn)
       sshfp_records = []
 
-      # Reference: https://stackoverflow.com/questions/28867626/how-to-use-resolvdnsresourcegeneric
-      # Note: this includes some fixes too, I'll post a direct link back to the SO article.
-      Resolv::DNS.open do |dns|
-         all_records = dns.getresources(fqdn, Resolv::DNS::Resource::IN::ANY ) rescue nil
-         all_records.each do |rr|
-            if rr.is_a? Resolv::DNS::Resource::Generic then
-               classname = rr.class.name.split('::').last
-               if classname == "Type44_Class1"
-                 data = rr.data.bytes
-                 algo = data[0].to_s
-                 fptype = data[1].to_s
-                 fp = data[2..-1]
-                 hex = fp.map{|b| b.to_s(16).rjust(2,'0') }.join(':')
-                 sshfp_records << {"fptype" => FPTYPE_MAP[fptype.to_i], "algo" => ALGO_MAP[algo.to_i], "hex" => hex}
-               end
-            end
-         end
-      end
-
-      return sshfp_records.sort_by { |k| k["hex"] }
+      # try up to 5 times to resolve ssh_fp's
+      5.times do
+
+        # Reference: https://stackoverflow.com/questions/28867626/how-to-use-resolvdnsresourcegeneric
+        # Note: this includes some fixes too, I'll post a direct link back to the SO article.
+        Resolv::DNS.open do |dns|
+           all_records = dns.getresources(fqdn, Resolv::DNS::Resource::IN::ANY ) rescue nil
+           all_records.each do |rr|
+              if rr.is_a? Resolv::DNS::Resource::Generic then
+                 classname = rr.class.name.split('::').last
+                 if classname == "Type44_Class1"
+                   data = rr.data.bytes
+                   algo = data[0].to_s
+                   fptype = data[1].to_s
+                   fp = data[2..-1]
+                   hex = fp.map{|b| b.to_s(16).rjust(2,'0') }.join(':')
+                   sshfp_records << {"fptype" => FPTYPE_MAP[fptype.to_i], "algo" => ALGO_MAP[algo.to_i], "hex" => hex}
+                 end
+              end
+           end
+        end
+
+        if sshfp_records.any?
+          return sshfp_records.sort_by { |k| k["hex"] }
+        end
+
+        sleep 0.5
+      end 
+
+      return sshfp_records
     end
   end
 end

data/lib/ssh_scan/target_parser.rb

@@ -8,7 +8,7 @@ module SSHScan
     # @param ip [String] IP address
     # @param port [Fixnum] port
     # @return [Array] array of enumerated addresses
-    def enumerateIPRange(ip,port)
+    def enumerateIPRange(ip,port=nil)
       if ip.fqdn?
         if port.nil?
           socket = ip
@@ -17,29 +17,22 @@ module SSHScan
         end
         return [socket]
       else
-        if ip.include? "-"
-          octets = ip.split('.')
-          range = octets.pop.split('-')
-          lower = NetAddr::CIDR.create(octets.join('.') + "." + range[0])
-          upper = NetAddr::CIDR.create(octets.join('.') + "." + range[1])
-          ip_array = NetAddr.range(lower, upper,:Inclusive => true)
-          if !port.nil?
-            ip_array.map! { |i| i.concat(":").concat(port.to_s) }
-          end
-          return ip_array
-        elsif ip.include? "/"
+        if ip.include? "/"
           begin
-            cidr = NetAddr::CIDR.create(ip)
+            ip_net = NetAddr::IPv4Net.parse(ip)
           rescue
             raise ArgumentError, "Invalid target: #{ip}"
           end
-          ip_array = cidr.enumerate
-          ip_array.delete(cidr.network)
-          ip_array.delete(cidr.last)
+
+          sock_array = []
+          1.upto(ip_net.len - 2) do |i|
+            sock_array << ip_net.nth(i).to_s
+          end
+
           if !port.nil?
-            ip_array.map! { |i| i.concat(":").concat(port.to_s) }
+            sock_array.map! { |i| i.concat(":").concat(port.to_s) }
           end
-          return ip_array
+          return sock_array
         else
           if port.nil?
             socket = ip

data/lib/ssh_scan/version.rb

@@ -1,3 +1,3 @@
 module SSHScan
-  VERSION = '0.0.43'
+  VERSION = '0.0.44'
 end

data/lib/string_ext.rb

@@ -55,7 +55,11 @@ class String
   end
 
   def resolve_fqdn
-    TCPSocket.gethostbyname(self)[3]
+    begin
+      IPSocket.getaddress(self)
+    rescue SocketError
+      nil # Can return anything you want here
+    end
   end
 
   def resolve_ptr(timeout = 3)

data/ssh_scan.gemspec

@@ -31,12 +31,14 @@ Gem::Specification.new do |s|
   s.metadata["yard.run"] = "yri" # use "yard" to build full HTML docs
 
   s.add_dependency('bindata', '2.4.3')
-  s.add_dependency('netaddr', '1.5.1')
-  s.add_dependency('net-ssh', '5.2.0')
+  s.add_dependency('netaddr', '2.0.4')
+  s.add_dependency('net-ssh', '6.0.2')
+  s.add_dependency('ed25519', '1.2.4')
+  s.add_dependency('bcrypt_pbkdf', '1.0.1')
   s.add_dependency('sshkey')
   s.add_development_dependency('pry', '0.11.3')
   s.add_development_dependency('rspec', '3.7.0')
   s.add_development_dependency('rspec-its', '1.2.0')
-  s.add_development_dependency('rake', '12.3.1')
+  s.add_development_dependency "rake", ">= 12.3.3"
   s.add_development_dependency('rubocop')
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ssh_scan
 version: !ruby/object:Gem::Version
-  version: 0.0.43
+  version: 0.0.44
 platform: ruby
 authors:
 - Jonathan Claudius
@@ -9,10 +9,10 @@ authors:
 - Harsh Vardhan
 - Rishabh Saxena
 - Ashish Gaurav
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-05-27 00:00:00.000000000 Z
+date: 2021-05-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bindata
@@ -34,28 +34,56 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.1
+        version: 2.0.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.5.1
+        version: 2.0.4
 - !ruby/object:Gem::Dependency
   name: net-ssh
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.0
+        version: 6.0.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.2.0
+        version: 6.0.2
+- !ruby/object:Gem::Dependency
+  name: ed25519
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.2.4
+- !ruby/object:Gem::Dependency
+  name: bcrypt_pbkdf
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.1
 - !ruby/object:Gem::Dependency
   name: sshkey
   requirement: !ruby/object:Gem::Requirement
@@ -116,16 +144,16 @@ dependencies:
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.1
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.1
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
@@ -219,7 +247,7 @@ licenses:
 - ruby
 metadata:
   yard.run: yri
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -234,8 +262,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.2
-signing_key: 
+rubygems_version: 3.2.15
+signing_key:
 specification_version: 4
 summary: Ruby-based SSH Scanner
 test_files: []