From 82df82b5fd2af1565bef8203d8e33e5ed115d112 Mon Sep 17 00:00:00 2001 From: david Date: Sun, 11 Aug 2013 05:36:45 +0000 Subject: [PATCH] Do base64-encoding of the SSH key before returning, not after. Not all SSH key formats use base64 encoding, for example SSH1 keys looks different. So we can't blindly base64-encode the raw strings that we receive. Attempt to return keys in the same format as is used by the known_hosts file. --- nselib/ssh2.lua | 2 +- scripts/ssh-hostkey.nse | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/nselib/ssh2.lua b/nselib/ssh2.lua index 263bb77bb..94f839f21 100644 --- a/nselib/ssh2.lua +++ b/nselib/ssh2.lua @@ -228,7 +228,7 @@ fetch_host_key = function( host, port, key_type ) stdnse.print_debug( "Unsupported key type: %s", key_type ) end - return { key=public_host_key, key_type=key_type, fp_input=public_host_key, bits=bits, + return { key=base64.enc(public_host_key), key_type=key_type, fp_input=public_host_key, bits=bits, full_key=('%s %s'):format(key_type,base64.enc(public_host_key)), algorithm=algorithm, fingerprint=openssl.md5(public_host_key) } end diff --git a/scripts/ssh-hostkey.nse b/scripts/ssh-hostkey.nse index 0dd615b77..237b2a1e9 100644 --- a/scripts/ssh-hostkey.nse +++ b/scripts/ssh-hostkey.nse @@ -151,7 +151,7 @@ local function portaction(host, port) fingerprint=stdnse.tohex(key.fingerprint), type=key.key_type, bits=key.bits, - key=base64.enc(key.key), + key=key.key, }) if format:find( 'hex', 1, true ) or all_formats then table.insert( output, ssh1.fingerprint_hex( key.fingerprint, key.algorithm, key.bits ) )