PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-07 13:11:28 +00:00
Code Issues Projects Releases Wiki Activity

Update ssh-hostkey to use structured output

Browse Source
This commit is contained in:
dmiller
2012-08-15 20:30:39 +00:00
parent 86d1f0db47
commit 466d0895df
1 changed files with 19 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
scripts/ssh-hostkey.nse
View File

@@ -83,6 +83,7 @@ end
--@param port nmap port table of the currently probed port --@param port nmap port table of the currently probed port
local function portaction(host, port) local function portaction(host, port)
local output = {} local output = {}
local output_tab = {}
local keys = {} local keys = {}
local _,key local _,key
local format = nmap.registry.args.ssh_hostkey or "hex" local format = nmap.registry.args.ssh_hostkey or "hex"
@@ -99,6 +100,12 @@ local function portaction(host, port)
for _, key in ipairs( keys ) do for _, key in ipairs( keys ) do
add_key_to_registry( host, key ) add_key_to_registry( host, key )
table.insert(output_tab, {
fingerprint=stdnse.tohex(key.fingerprint,{separator=":"}),
algorithm=key.algorithm,
bits=key.bits,
key=key.full_key
})
if format:find( 'hex', 1, true ) or all_formats then if format:find( 'hex', 1, true ) or all_formats then
table.insert( output, ssh1.fingerprint_hex( key.fingerprint, key.algorithm, key.bits ) ) table.insert( output, ssh1.fingerprint_hex( key.fingerprint, key.algorithm, key.bits ) )
end end
@@ -117,7 +124,7 @@ local function portaction(host, port)
end end
if #output > 0 then if #output > 0 then
return table.concat( output, '\n' ) return output_tab, table.concat( output, '\n' )
end end
end end
@@ -138,6 +145,8 @@ end
local function postaction() local function postaction()
local hostkeys = {} local hostkeys = {}
local output = {} local output = {}
local output_tab = {}
local revmap = {}
-- create a reverse mapping key_fingerprint -> host(s) -- create a reverse mapping key_fingerprint -> host(s)
for ip, keys in pairs(nmap.registry.sshhostkey) do for ip, keys in pairs(nmap.registry.sshhostkey) do
@@ -145,6 +154,11 @@ local function postaction()
local fp = ssh1.fingerprint_hex(key.fingerprint, key.algorithm, key.bits) local fp = ssh1.fingerprint_hex(key.fingerprint, key.algorithm, key.bits)
if not hostkeys[fp] then if not hostkeys[fp] then
hostkeys[fp] = {} hostkeys[fp] = {}
revmap[fp] = {
fingerprint=stdnse.tohex(key.fingerprint,{separator=":"}),
algorithm=key.algorithm,
bits=key.bits
}
end end
-- discard duplicate IPs -- discard duplicate IPs
if not contains(hostkeys[fp], ip) then if not contains(hostkeys[fp], ip) then
@@ -158,15 +172,18 @@ local function postaction()
if #hostkeys[key] > 1 then if #hostkeys[key] > 1 then
table.sort(hostkeys[key], function(a, b) return ipOps.compare_ip(a, "lt", b) end) table.sort(hostkeys[key], function(a, b) return ipOps.compare_ip(a, "lt", b) end)
local str = 'Key ' .. key .. ' used by:' local str = 'Key ' .. key .. ' used by:'
local tab = {key=revmap[key], hosts={}}
for _, host in ipairs(hostkeys[key]) do for _, host in ipairs(hostkeys[key]) do
str = str .. '\n ' .. host str = str .. '\n ' .. host
table.insert(tab.hosts, host)
end end
table.insert(output, str) table.insert(output, str)
table.insert(output_tab, tab)
end end
end end
if #output > 0 then if #output > 0 then
return 'Possible duplicate hosts\n' .. table.concat(output, '\n') return output_tab, 'Possible duplicate hosts\n' .. table.concat(output, '\n')
end end
end end