Skip to content
This repository has been archived by the owner on Jan 24, 2022. It is now read-only.

Commit

Permalink
Fix fingerprint deuplicate handling
Browse files Browse the repository at this point in the history
  • Loading branch information
Jonathan Claudius committed Jan 17, 2019
1 parent 4bda42f commit a12898f
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 51 deletions.
2 changes: 1 addition & 1 deletion lib/ssh_scan/result.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -250,7 +250,7 @@ def to_hash
"languages_server_to_client" => self.languages_server_to_client,
"auth_methods" => self.auth_methods,
"keys" => self.keys,
"duplicate_host_key_ips" => self.duplicate_host_key_ips,
"duplicate_host_key_ips" => self.duplicate_host_key_ips.uniq,
"compliance" => @compliance,
"start_time" => self.start_time,
"end_time" => self.end_time,
Expand Down
78 changes: 28 additions & 50 deletions lib/ssh_scan/scan_engine.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,28 +138,11 @@ def scan_target(socket, opts)
if host_keys[i].eql? "ssh-dss"
key = SSHScan::Crypto::PublicKey.new([host_keys[i], host_keys[i + 1]].join(" "))
keys.merge!(key.to_hash)
# fingerprints.merge!({
# "dsa" => {
# "known_bad" => pkey.bad_key?.to_s,
# "md5" => pkey.fingerprint_md5,
# "sha1" => pkey.fingerprint_sha1,
# "sha256" => pkey.fingerprint_sha256,
# }
# })
end

if host_keys[i].eql? "ssh-rsa"
key = SSHScan::Crypto::PublicKey.new([host_keys[i], host_keys[i + 1]].join(" "))
keys.merge!(key.to_hash)
# pkey = SSHScan::Crypto::PublicKey.new(host_keys[i + 1])
# fingerprints.merge!({
# "rsa" => {
# "known_bad" => pkey.bad_key?.to_s,
# "md5" => pkey.fingerprint_md5,
# "sha1" => pkey.fingerprint_sha1,
# "sha256" => pkey.fingerprint_sha256,
# }
# })
end
end

Expand Down Expand Up @@ -197,41 +180,36 @@ def scan(opts)
workers.map(&:join)

# Add all the fingerprints to our peristent FingerprintDatabase
# fingerprint_db = SSHScan::FingerprintDatabase.new(
# opts['fingerprint_database']
# )
# results.each do |result|
# fingerprint_db.clear_fingerprints(result.ip)

# if result.fingerprints
# result.fingerprints.values.each do |host_key_algo|
# host_key_algo.each do |fingerprint|
# key, value = fingerprint
# next if key == "known_bad"
# fingerprint_db.add_fingerprint(value, result.ip)
# end
# end
# end
# end
fingerprint_db = SSHScan::FingerprintDatabase.new(
opts['fingerprint_database']
)
results.each do |result|
fingerprint_db.clear_fingerprints(result.ip)

if result.keys
result.keys.values.each do |host_key_algo|
host_key_algo['fingerprints'].values.each do |fingerprint|
fingerprint_db.add_fingerprint(fingerprint, result.ip)
end
end
end
end

# Decorate all the results with duplicate keys
# results.each do |result|
# if result.fingerprints
# ip = result.ip
# result.duplicate_host_key_ips = []
# result.fingerprints.values.each do |host_key_algo|
# host_key_algo.each do |fingerprint|
# key, value = fingerprint
# next if key == "known_bad"
# fingerprint_db.find_fingerprints(value).each do |other_ip|
# next if ip == other_ip
# result.duplicate_host_key_ips << other_ip
# end
# end
# end
# result.duplicate_host_key_ips
# end
# end
results.each do |result|
if result.keys
ip = result.ip
result.duplicate_host_key_ips = []
result.keys.values.each do |host_key_algo|
host_key_algo["fingerprints"].values.each do |fingerprint|
fingerprint_db.find_fingerprints(fingerprint).each do |other_ip|
next if ip == other_ip
result.duplicate_host_key_ips << other_ip
end
end
end
end
end

# Decorate all the results with compliance information
results.each do |result|
Expand Down

0 comments on commit a12898f

Please sign in to comment.