Add ssh banner to ssh-auth-methods

CHANGELOG

@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] ssh-auth-methods will now print the pre-authentication banner text when
+  available. Requires libssh2 1.11.0 or later. [Daniel Miller]
+
 o Upgrade included libraries: Lua 5.4.6, libpcre2 10.43, zlib 1.3.1,
   libssh2 1.11.0, liblinear 2.47
 

configure.ac

@@ -675,7 +675,7 @@ AC_HELP_STRING([--without-libssh2], [Compile without libssh2]),
     LDFLAGS="-L$with_libssh2/lib $LDFLAGS"
 
     AC_CHECK_HEADER(libssh2.h,[
-      AC_CHECK_LIB(ssh2, libssh2_version,
+      AC_CHECK_LIB(ssh2, libssh2_userauth_banner,
         [have_libssh2=yes
         LIBSSH2_INC=$with_libssh2/include
         LIBSSH2_LIB=$with_libssh2/lib],

nse_libssh2.cc

@@ -484,6 +484,28 @@ static int l_userauth_list (lua_State *L) {
     return userauth_list(L, 0, 0);
 }
 
+static int userauth_banner (lua_State *L, int status, lua_KContext ctx) {
+    char *auth_banner = NULL;
+    struct ssh_userdata *state = NULL;
+
+    state = (struct ssh_userdata *) nseU_checkudata(L, 1, SSH2_UDATA, "ssh2");
+    assert(state->session != NULL);
+
+    if (LIBSSH2_ERROR_NONE == libssh2_userauth_banner(state->session, &auth_banner))
+    {
+      lua_pushstring(L, auth_banner);
+      return 1;
+    }
+    return 0;
+}
+
+/*
+* Returns pre-auth banner
+*/
+static int l_userauth_banner (lua_State *L) {
+    return userauth_banner(L, 0, 0);
+}
+
 static int userauth_publickey (lua_State *L, int status, lua_KContext ctx) {
     int rc;
     const char *username, *private_key_file, *passphrase, *public_key_file;
@@ -878,6 +900,7 @@ static const struct luaL_Reg libssh2[] = {
     { "session_open", l_session_open },
     { "hostkey_hash", l_hostkey_hash },
     { "set_timeout", l_set_timeout },
+    { "userauth_banner", l_userauth_banner },
     { "userauth_list", l_userauth_list },
     { "userauth_publickey", l_userauth_publickey },
     { "read_publickey", l_read_publickey },

nselib/libssh2-utility.lua

@@ -147,6 +147,23 @@ function SSHConnection:list (username)
   return false
 end
 
+---
+-- Attempt to retrieve the server's pre-auth banner
+--
+-- Need to attempt auth first (for instance by calling list)
+--
+-- @return The server's banner or nil on failure.
+function SSHConnection:banner ()
+  if not self.session then
+    return nil
+  end
+  local status, banner = pcall(libssh2.userauth_banner, self.session)
+  if status then
+    return banner
+  end
+  return nil
+end
+
 ---
 -- Attempts to read public key file
 --

scripts/ssh-auth-methods.nse

@@ -16,10 +16,20 @@ username which may be invalid. The abandoned connection will likely be logged.
 --
 -- @output
 -- 22/tcp open  ssh     syn-ack
+-- 22/tcp open  ssh     syn-ack
 -- | ssh-auth-methods:
 -- |   Supported authentication methods:
 -- |     publickey
--- |_    password
+-- |     password
+-- |   Banner: This is a private system. Use of this system constitutes
+-- |_consent to monitoring.
+--
+-- @xmloutput
+-- <table key="Supported authentication methods">
+--   <elem>publickey</elem>
+--   <elem>password</elem>
+-- </table>
+-- <elem key="Banner">This is a private system. Use of this system constitutes&#xa;consent to monitoring.&#xa;</elem>
 
 author = "Devin Bjelland"
 license = "Same as Nmap--See https://nmap.org/book/man-legal.html"
@@ -38,6 +48,7 @@ function action (host, port)
   local authmethods = helper:list(username)
 
   result["Supported authentication methods"] = authmethods
+  result["Banner"] = helper:banner()
 
   return result
 end