From 1154495aa3d898a52760c49a2f30661d7ce74733 Mon Sep 17 00:00:00 2001
From: david
Date: Sun, 11 Aug 2013 05:36:48 +0000
Subject: [PATCH] Add a "key" element to the result of ssh1.fetch_host_key. ssh-hostkey.nse wanted this element to be present, but it was missing from SSH1 keys. This caused a crash that was reported by Dan Farmer and Florian Pelgrim. http://seclists.org/nmap-dev/2013/q3/151 http://seclists.org/nmap-dev/2013/q3/155
---
 CHANGELOG | 6 ++++++
 nselib/ssh1.lua | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG b/CHANGELOG
index b90c9796f..24fc33a30 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,11 @@
 # Nmap Changelog ($Id$); -*-text-*-
+o [NSE] Made the table returned by ssh1.fetch_host_key contain a "key"
+ element, like that of ssh2.fetch_host_key. This fixed a crash in the
+ ssh-hostkey script reported by Dan Farmer and Florian Pelgrim. The
+ "key" element of ssh2.fetch_host_key now is base64-encoded, to match
+ the format used by the known_hosts file. [David Fifield]
+
 o [Nsock] Handle timers and timeouts via a priority queue (using a heap) for improved performance. Nsock now only iterates over events which are completed or expired instead of inspecting the entire event set at each
diff --git a/nselib/ssh1.lua b/nselib/ssh1.lua
index 3741aa3c3..61779e88a 100644
--- a/nselib/ssh1.lua
+++ b/nselib/ssh1.lua
@@ -52,7 +52,7 @@ end
 --- Fetch an SSH-1 host key.
 -- @param host Nmap host table.
 -- @param port Nmap port table.
--- @return A table with the following fields: exp,
+-- @return A table with the following fields: key, exp,
 -- mod, bits, key_type,
 -- fp_input, full_key, algorithm, and
 -- fingerprint.
@@ -102,6 +102,7 @@ fetch_host_key = function(host, port)
 fp_input = mod:tobin()..exp:tobin()
 return {exp=exp,mod=mod,bits=host_key_bits,key_type='rsa1',fp_input=fp_input,
+ key=exp:todec()..' '..mod:todec(),
 full_key=exp:todec()..' '..mod:todec(),algorithm="RSA1",
 fingerprint=openssl.md5(fp_input)}
 end
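Review bot: The `@return` comment in the `-52` hunk now lists `key` but does not say what encoding it carries. The CHANGELOG entry in this patch says the SSH-2 `key` is base64-encoded, whereas the SSH-1 value added in the `-102` hunk is decimal text. A caller that compares `key` against stored host keys without checking `key_type` would presumably be comparing two different encodings, so I would spell this out in the doc block: `-- key is the decimal exponent and modulus separated by a space (the same value as full_key); unlike the SSH-2 key it is not base64-encoded.` The function this comment documents starts outside the hunk.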
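Review bot: In the `-102` hunk the new `key` field repeats the exact expression used for `full_key` on the next line, so the two values are only equal as long as nobody edits one of them. Building the string once keeps them identical by construction and avoids the second pair of `todec()` conversions: `local key = exp:todec()..' '..mod:todec()` before the `return`, then `key=key,` and `full_key=key,` in the table. The body of `fetch_host_key` begins outside this hunk, so where the local is best declared depends on lines not shown here.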