keyboard-interactive auth for NSE via libssh2

nselib/libssh2-utility.lua

@@ -10,6 +10,7 @@
 
 local stdnse = require "stdnse"
 local table = require "table"
+local tableaux = require "tableaux"
 
 local libssh2 = stdnse.silent_require "libssh2"
 
@@ -81,7 +82,7 @@ function SSHConnection:run_remote (cmd, no_pty)
 end
 
 ---
--- Attempts to authenticate using provided credentials.
+-- Attempts to authenticate using password authentication.
 --
 -- @param username A username to authenticate as.
 -- @param password A password to authenticate as.
@@ -98,6 +99,66 @@ function SSHConnection:password_auth (username, password)
   end
 end
 
+local function kbd_get_cb(func)
+  return function(username, name, instruction, prompts)
+    local responses = {}
+    for i=1, #prompts do
+      stdnse.debug2("Auth for %s: '%s' '%s' '%s'",
+        username, name, instruction, prompts[i])
+      responses[i] = func(username, name, instruction, prompts[i])
+      stdnse.debug2("Response: %s", responses[i])
+    end
+    return responses
+  end
+end
+
+---
+-- Attempts to authenticate using keyboard-interactive authentication.
+--
+-- @param username A username to authenticate as.
+-- @param callback A callback function that takes 4 inputs (username, name,
+--                 instruction, prompt) and returns one string response.
+-- @return true on success or false on failure.
+function SSHConnection:interactive_auth (username, callback)
+  if not self.session then
+    return false
+  end
+  if libssh2.userauth_keyboard_interactive(self.session, username, kbd_get_cb(callback)) then
+    self.authenticated = true
+    return true
+  else
+    return false
+  end
+end
+
+---
+-- Attempts to authenticate using provided credentials.
+--
+-- Lists available userauth methods and attempts to authenticate with the given
+-- credentials. If password authentication is not available, it will use
+-- keyboard-interactive authentication, responding with <code>password</code>
+-- to any prompts.
+--
+-- @param username A username to authenticate as.
+-- @param password A password
+-- @return true on success or false on failure.
+-- @return the successful auth method, or all methods available. If nil, no methods were found.
+function SSHConnection:login (username, password)
+  local methods = self:list(username)
+  if not methods then
+    return false
+  end
+  if (tableaux.contains(methods, "password")
+      and self:password_auth(username, password)) then
+    return true, "password"
+  end
+  if (tableaux.contains(methods, "keyboard-interactive") and
+      self:interactive_auth(username, function() return password end)) then
+    return true, "keyboard-interactive"
+  end
+  return false, methods
+end
+
 ---
 -- Attempts to authenticate using provided private key file.
 --

nselib/libssh2.luadoc

@@ -38,15 +38,34 @@ function set_timeout(session, timeout)
 -- @return List of supported authentication methods/
 function userauth_list(session)
 
---- Attempts to authenicate libssh2 session using provided credentials
--- @param username Username to authenicate as.
--- @param password Password to authenicate with.
+--- Attempts to authenticate libssh2 session using provided credentials
+-- @param username Username to authenticate as.
+-- @param password Password to authenticate with.
 -- @return true/false, depending on success
 function userauth_password(session, username, password)
 
+--- Attempts to authenticate libssh2 session using keyboard-interactive auth
+-- @param username Username to authenticate as.
+-- @param callback See <code>userauth_keyboard_interactive_cb</code>
+-- @return true/false, depending on success
+-- @return if first return was false, any errors thrown by the callback
+function userauth_keyboard_interactive(session, username, callback)
+
+--- Callback function for keyboard interaction.
+--
+-- This function is not implemented; it is up to you to write the appropriate
+-- function. The function must not yield, and so must not use any socket
+-- functions.
+-- @param username string Username this authentication is for
+-- @param name string from the server
+-- @param instruction string from the server
+-- @param prompts A table of strings, each of which is a prompt from the server.
+-- @return a series of response strings, each corresponding to a prompt
+function userauth_keyboard_interactive_cb(username, name, instruction, prompts)
+
 --- Attempts to authenticate libssh2 session using provided publickey
 -- @param session Connected libssh2 session
--- @param username Username to authenicate as
+-- @param username Username to authenticate as
 -- @param privatekeyfile File containing privatekey
 -- @param passphrase Passphrase for privatekey
 -- @param publickeyfile File containing publickey. Not necessary if libssh2 is
@@ -62,7 +81,7 @@ function read_publickey(publickeyfile)
 --- Checks to see if ssh server accepts public key for authentication as given user.
 --  This doesn't require the private key as it doesn't finish authenticating.
 -- @param session Connected libssh2 session
--- @param username Username to authenicate as
+-- @param username Username to authenticate as
 -- @param publickeydata String containing raw publickey blob
 -- @return true/false, depending on whether user can authenticate with given key
 function publickey_canauth(session, username, publickeydata)