Add passphrase support for privatekeys in ssh-publickey-acceptance

2025-12-09 14:11:29 +00:00 · 2017-09-08 18:10:17 +00:00
parent e400493b30
commit aa18e592db
3 changed files with 6 additions and 7 deletions
--- a/nselib/libssh2-utility.lua
+++ b/nselib/libssh2-utility.lua
@@ -95,7 +95,7 @@ function SSHConnection:password_auth (username, password)
 end

 ---
-- Attempts to authenticate using provided publickey.
+-- Attempts to authenticate using provided private key.
 --
 -- @param username A username to authenticate as.
 -- @param privatekey_file A path to a privatekey.
@@ -105,10 +105,7 @@ function SSHConnection:publickey_auth (username, privatekey_file, passphrase)
  if not self.session then
    return false
  end
-  print(self.session)
-  print(username)
-  print(privatekey_file)
-  if libssh2.userauth_publickey(self.session, username, privatekey_file, passphrase) then
+  if libssh2.userauth_publickey(self.session, username, privatekey_file, passphrase or "") then
    self.authenticated = true
    return true
  else
--- a/nselib/libssh2.luadoc
+++ b/nselib/libssh2.luadoc
@@ -52,7 +52,7 @@ function userauth_password(session, username, password)
 -- @param publickeyfile File containing publickey. Not necessary if libssh2 is
 -- compiled against OpenSSL
 -- @return true/false, depending on success
-function userauth_publickey(session, username, privatekeyfile, passphrase publickeyfile)
+function userauth_publickey(session, username, privatekeyfile, passphrase, publickeyfile)

 --- Read publickey from id_*.pub type key file
 -- @param publickeyfile File containing publickey
--- a/scripts/ssh-publickey-acceptance.nse
+++ b/scripts/ssh-publickey-acceptance.nse
@@ -30,6 +30,7 @@ authentication.
 -- |_    Key ./id_rsa1 accepted for user root
 --
 -- @args ssh.privatekeys Table containing filenames of privatekeys to test
+-- @args ssh.passphrases Table containing passphrases for each private key
 -- @args ssh.publickeys Table containing filenames of publickkeys to test
 -- @args ssh.usernames Table containing usernames to check
 -- @args knownbad   If specified, check if keys from publickeydb are accepted
@@ -40,6 +41,7 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 categories = {"auth", "intrusive"}

 local privatekeys = stdnse.get_script_args "ssh.privatekeys"
+local passphrases = stdnse.get_script_args "ssh.passphrases" or {}
 local usernames = stdnse.get_script_args "ssh.usernames"
 local knownbad = stdnse.get_script_args "known-bad"
 local publickeys = stdnse.get_script_args "ssh.publickeys"
@@ -92,7 +94,7 @@ function action (host, port)
    for j = 1, #usernames do
      for i = 1, #privatekeys do
        stdnse.debug("Checking key: " .. privatekeys[i] .. " for user " .. usernames[j])
-        if not helper:publickey_auth(usernames[j], privatekeys[i], "") then
+        if not helper:publickey_auth(usernames[j], privatekeys[i], passphrases[i] or "") then
          helper:disconnect()
          stdnse.verbose "Failed to authenticate"
          helper:connect(host, port)