a244ec15e6
* Fix typo * Actually call init per sender for each goroutine * split out TLS handling * Rename tls_handshake; update docs * fix comments * format fixes * merge updates * fix path * refactor heartbleed logging (now the same as original zgrab) * add ScanStatus, update modules to return it * fix threaded for loop; fix styling of dict literal * fix compile errors, note un-bubbled handshake error * initial schema commit * fix comment * schema cleanup * comments * fix TODOs * first attempt at docker integration in travis; also add schema validation * add integration_tests.sh * need sudo? * try pip install --user * revert regression * add docker service again * chmod +x integration_tests.sh * fix path of binary * Dump output file to stdout * travis work * use jp's build-self-contained script * use go get/go build to get jp * fix jp path * switch from bogus regex to wildcard * do all mysql versions; fix version comparison * re-enable notifications; fix successful version check log message; comment TryGetScanStatus * move to conf.d layout for integration tests * update README * add missing scripts * add ./ to path
176 lines
6.4 KiB
Python
176 lines
6.4 KiB
Python
# zschema sub-schema for zgrab2's ssh module (modules/ssh.go)
|
|
# Registers zgrab2-ssh globally, and ssh with the main zgrab2 schema.
|
|
|
|
from zschema.leaves import *
|
|
from zschema.compounds import *
|
|
import zschema.registry
|
|
|
|
from schemas.zcrypto import *
|
|
import schemas.zgrab2 as zgrab2
|
|
|
|
# zgrab2/lib/ssh/messages.go: (Json)kexInitMsg
|
|
zgrab2_ssh_kex_init_message = SubRecord({
|
|
"cookie": Binary(),
|
|
"kex_algorithms":ListOf(String()),
|
|
"host_key_algorithms":ListOf(String()),
|
|
"client_to_server_ciphers":ListOf(String()),
|
|
"server_to_client_ciphers":ListOf(String()),
|
|
"client_to_server_macs":ListOf(String()),
|
|
"server_to_client_macs":ListOf(String()),
|
|
"client_to_server_compression":ListOf(String()),
|
|
"server_to_client_compression":ListOf(String()),
|
|
"client_to_server_languages":ListOf(String()),
|
|
"server_to_client_languages":ListOf(String()),
|
|
"first_kex_follows":Boolean(),
|
|
"reserved":Unsigned32BitInteger(),
|
|
})
|
|
|
|
# zgrab2/lib/ssh/log.go: EndpointId
|
|
zgrab2_ssh_endpoint_id = SubRecord({
|
|
"raw": String(),
|
|
"version": String(),
|
|
"software": String(),
|
|
"comment": String()
|
|
})
|
|
|
|
# zgrab2/lib/ssh/kex.go: kexResult
|
|
zgrab2_ssh_kex_result = SubRecord({
|
|
"H": Binary(),
|
|
"K": Binary(),
|
|
"session_id": Binary()
|
|
})
|
|
|
|
# zgrab2/lib/ssh/keys.go: ed25519PublicKey
|
|
ed25519_public_key = SubRecord({
|
|
"public_bytes":Binary(),
|
|
})
|
|
|
|
# zgrab2/lib/ssh/certs.go: JsonSignature
|
|
xssh_signature = SubRecord({
|
|
"parsed":SubRecord({
|
|
"algorithm":String(),
|
|
"value":Binary(),
|
|
}),
|
|
"raw":Binary(),
|
|
})
|
|
|
|
# zgrab/ztools/keys/ecdhe.go: ECDHPrivateParams
|
|
golang_crypto_param = SubRecord({
|
|
"value":Binary(),
|
|
"length":Unsigned32BitInteger()
|
|
})
|
|
|
|
# zgrab2/lib/ssh/log.go: HandshakeLog
|
|
# TODO: Can ssh re-use any of the generic TLS model?
|
|
ssh_scan_response = SubRecord({
|
|
"result": SubRecord({
|
|
"server_id":SubRecord({
|
|
"raw":AnalyzedString(),
|
|
"version":String(),
|
|
"software":AnalyzedString(),
|
|
"comment":AnalyzedString(),
|
|
}),
|
|
"client_id": zgrab2_ssh_endpoint_id,
|
|
"server_key_exchange": zgrab2_ssh_kex_init_message,
|
|
"client_key_exchange": zgrab2_ssh_kex_init_message,
|
|
"algorithm_selection":SubRecord({
|
|
"dh_kex_algorithm":String(),
|
|
"host_key_algorithm":String(),
|
|
"client_to_server_alg_group": SubRecord({
|
|
"cipher":String(),
|
|
"mac":String(),
|
|
"compression":String(),
|
|
}),
|
|
"server_to_client_alg_group": SubRecord({
|
|
"cipher":String(),
|
|
"mac":String(),
|
|
"compression":String(),
|
|
}),
|
|
}),
|
|
"key_exchange": SubRecord({
|
|
"curve25519_sha256_params": SubRecord({
|
|
"server_public": Binary(),
|
|
}),
|
|
"ecdh_params": SubRecord({
|
|
"server_public": SubRecord({
|
|
"x": golang_crypto_param,
|
|
"y": golang_crypto_param,
|
|
}),
|
|
}),
|
|
"dh_params": SubRecord({
|
|
"prime": golang_crypto_param,
|
|
"generator": golang_crypto_param,
|
|
"server_public": golang_crypto_param,
|
|
}),
|
|
"server_signature":xssh_signature,
|
|
"server_host_key":SubRecord({
|
|
"raw":Binary(),
|
|
"algorithm":String(),
|
|
"fingerprint_sha256":String(),
|
|
"rsa_public_key":rsa_public_key,
|
|
"dsa_public_key":dsa_public_key,
|
|
"ecdsa_public_key":ecdsa_public_key,
|
|
"ed25519_public_key":ed25519_public_key,
|
|
"certkey_public_key":SubRecord({
|
|
"nonce":Binary(),
|
|
"key":SubRecord({
|
|
"raw":Binary(),
|
|
"fingerprint_sha256":String(),
|
|
"algorithm":String(),
|
|
"rsa_public_key":rsa_public_key,
|
|
"dsa_public_key":dsa_public_key,
|
|
"ecdsa_public_key":ecdsa_public_key,
|
|
"ed25519_public_key":ed25519_public_key,
|
|
}),
|
|
"serial":String(),
|
|
"cert_type":SubRecord({
|
|
"id":Unsigned32BitInteger(),
|
|
"name":String(),
|
|
}),
|
|
"key_id":String(),
|
|
"valid_principals":ListOf(String()),
|
|
"validity":SubRecord({
|
|
"valid_after":DateTime(doc="Timestamp of when certificate is first valid. Timezone is UTC."),
|
|
"valid_before":DateTime(doc="Timestamp of when certificate expires. Timezone is UTC."),
|
|
"length":Signed64BitInteger(),
|
|
}),
|
|
"reserved":Binary(),
|
|
"signature_key":SubRecord({
|
|
"raw":Binary(),
|
|
"fingerprint_sha256":String(),
|
|
"algorithm":String(),
|
|
"rsa_public_key":rsa_public_key,
|
|
"dsa_public_key":dsa_public_key,
|
|
"ecdsa_public_key":ecdsa_public_key,
|
|
"ed25519_public_key":ed25519_public_key,
|
|
}),
|
|
"signature":xssh_signature,
|
|
"parse_error":String(),
|
|
"extensions":SubRecord({
|
|
"known":SubRecord({
|
|
"permit_X11_forwarding":String(),
|
|
"permit_agent_forwarding":String(),
|
|
"permit_port_forwarding":String(),
|
|
"permit_pty":String(),
|
|
"permit_user_rc":String(),
|
|
}),
|
|
"unknown":ListOf(String()),
|
|
}),
|
|
"critical_options":SubRecord({
|
|
"known":SubRecord({
|
|
"force_command":String(),
|
|
"source_address":String(),
|
|
}),
|
|
"unknown":ListOf(String()),
|
|
})
|
|
}),
|
|
}),
|
|
}),
|
|
"userauth":ListOf(String()),
|
|
"crypto": zgrab2_ssh_kex_result
|
|
})
|
|
}, extends = zgrab2.base_scan_response)
|
|
|
|
zschema.registry.register_schema("zgrab2-ssh", ssh_scan_response)
|
|
zgrab2.register_scan_response_type('ssh', ssh_scan_response)
|