From aa18e592dbe2527d75049dbaad100be16922bf12 Mon Sep 17 00:00:00 2001 From: dmiller Date: Fri, 8 Sep 2017 18:10:17 +0000 Subject: [PATCH] Add passphrase support for privatekeys in ssh-publickey-acceptance --- nselib/libssh2-utility.lua | 7 ++----- nselib/libssh2.luadoc | 2 +- scripts/ssh-publickey-acceptance.nse | 4 +++- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/nselib/libssh2-utility.lua b/nselib/libssh2-utility.lua index 7c2ba59b8..f61576b04 100644 --- a/nselib/libssh2-utility.lua +++ b/nselib/libssh2-utility.lua @@ -95,7 +95,7 @@ function SSHConnection:password_auth (username, password) end --- --- Attempts to authenticate using provided publickey. +-- Attempts to authenticate using provided private key. -- -- @param username A username to authenticate as. -- @param privatekey_file A path to a privatekey. @@ -105,10 +105,7 @@ function SSHConnection:publickey_auth (username, privatekey_file, passphrase) if not self.session then return false end - print(self.session) - print(username) - print(privatekey_file) - if libssh2.userauth_publickey(self.session, username, privatekey_file, passphrase) then + if libssh2.userauth_publickey(self.session, username, privatekey_file, passphrase or "") then self.authenticated = true return true else diff --git a/nselib/libssh2.luadoc b/nselib/libssh2.luadoc index 0dbf9ed5b..70a999a33 100644 --- a/nselib/libssh2.luadoc +++ b/nselib/libssh2.luadoc @@ -52,7 +52,7 @@ function userauth_password(session, username, password) -- @param publickeyfile File containing publickey. Not necessary if libssh2 is -- compiled against OpenSSL -- @return true/false, depending on success -function userauth_publickey(session, username, privatekeyfile, passphrase publickeyfile) +function userauth_publickey(session, username, privatekeyfile, passphrase, publickeyfile) --- Read publickey from id_*.pub type key file -- @param publickeyfile File containing publickey diff --git a/scripts/ssh-publickey-acceptance.nse b/scripts/ssh-publickey-acceptance.nse index b86d356e2..7d0fbcf60 100644 --- a/scripts/ssh-publickey-acceptance.nse +++ b/scripts/ssh-publickey-acceptance.nse @@ -30,6 +30,7 @@ authentication. -- |_ Key ./id_rsa1 accepted for user root -- -- @args ssh.privatekeys Table containing filenames of privatekeys to test +-- @args ssh.passphrases Table containing passphrases for each private key -- @args ssh.publickeys Table containing filenames of publickkeys to test -- @args ssh.usernames Table containing usernames to check -- @args knownbad If specified, check if keys from publickeydb are accepted @@ -40,6 +41,7 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"auth", "intrusive"} local privatekeys = stdnse.get_script_args "ssh.privatekeys" +local passphrases = stdnse.get_script_args "ssh.passphrases" or {} local usernames = stdnse.get_script_args "ssh.usernames" local knownbad = stdnse.get_script_args "known-bad" local publickeys = stdnse.get_script_args "ssh.publickeys" @@ -92,7 +94,7 @@ function action (host, port) for j = 1, #usernames do for i = 1, #privatekeys do stdnse.debug("Checking key: " .. privatekeys[i] .. " for user " .. usernames[j]) - if not helper:publickey_auth(usernames[j], privatekeys[i], "") then + if not helper:publickey_auth(usernames[j], privatekeys[i], passphrases[i] or "") then helper:disconnect() stdnse.verbose "Failed to authenticate" helper:connect(host, port)