diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index d47b3008..d622e25b 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -25,14 +25,30 @@ def ssh_lib_guess() return SSHScan::SSHLib::OpenSSH.new(@string) when /LibSSH/i return SSHScan::SSHLib::LibSSH.new() + when /ipssh/i + return SSHScan::SSHLib::IpSsh.new(@string) when /Cisco/i return SSHScan::SSHLib::CiscoSSH.new() when /ROS/ return SSHScan::SSHLib::ROSSSH.new() when /DOPRASSH/i return SSHScan::SSHLib::DOPRASSH.new() + when /cryptlib/i + return SSHScan::SSHLib::Cryptlib.new() + when /NOS-SSH/i + return SSHScan::SSHLib::NosSSH.new(@string) + when /pgp/i + return SSHScan::SSHLib::PGP.new() + when /ServerTech_SSH|Mocana SSH/i + return SSHScan::SSHLib::SentrySSH.new() + when /mpssh/i + return SSHScan::SSHLib::Mpssh.new(@string) when /dropbear/i return SSHScan::SSHLib::Dropbear.new(@string) + when /RomSShell/i + return SSHScan::SSHLib::RomSShell.new(@string) + when /Flowssh/i + return SSHScan::SSHLib::FlowSsh.new(@string) else return SSHScan::SSHLib::Unknown.new() end diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index 19da684b..ecf2e312 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -4,4 +4,12 @@ require 'ssh_scan/ssh_lib/rosssh' require 'ssh_scan/ssh_lib/doprassh' require 'ssh_scan/ssh_lib/dropbear' +require 'ssh_scan/ssh_lib/romsshell' +require 'ssh_scan/ssh_lib/flowssh' +require 'ssh_scan/ssh_lib/cryptlib' +require 'ssh_scan/ssh_lib/mpssh' +require 'ssh_scan/ssh_lib/sentryssh' +require 'ssh_scan/ssh_lib/ipssh' +require 'ssh_scan/ssh_lib/pgp' +require 'ssh_scan/ssh_lib/nosssh' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/cryptlib.rb b/lib/ssh_scan/ssh_lib/cryptlib.rb new file mode 100644 index 00000000..ec57cb98 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/cryptlib.rb @@ -0,0 +1,17 @@ +module SSHScan + module SSHLib + class Cryptlib + def common + "cryptlib" + end + + def cpe + "a:cryptlib:cryptlib" + end + + def version + nil + end + end + end +end diff --git a/lib/ssh_scan/ssh_lib/flowssh.rb b/lib/ssh_scan/ssh_lib/flowssh.rb new file mode 100644 index 00000000..b40cf5cd --- /dev/null +++ b/lib/ssh_scan/ssh_lib/flowssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class FlowSsh + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/(\d+[\.\d+]+(p)?(\d+)?) FlowSsh/) + return nil if match.nil? + return FlowSsh::Version.new(match[1]) + end + + def common + "flowssh" + end + + def cpe + "a:bitvise:flowssh" + end + end + end +end diff --git a/lib/ssh_scan/ssh_lib/ipssh.rb b/lib/ssh_scan/ssh_lib/ipssh.rb new file mode 100644 index 00000000..68f6fad4 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/ipssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class IpSsh + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/IPSSH-(\d+[\.\d+]+(p)?(\d+)?)/) + return nil if match.nil? + return IpSsh::Version.new(match[1]) + end + + def common + "ipssh" + end + + def cpe + "a:ipssh:ipssh" + end + end + end +end diff --git a/lib/ssh_scan/ssh_lib/mpssh.rb b/lib/ssh_scan/ssh_lib/mpssh.rb new file mode 100644 index 00000000..44081e2e --- /dev/null +++ b/lib/ssh_scan/ssh_lib/mpssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class Mpssh + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/mpSSH_(\d+[\.\d+]+(p)?(\d+)?)/i) + return nil if match.nil? + return Mpssh::Version.new(match[1]) + end + + def common + "mpssh" + end + + def cpe + "a:mpssh:mpssh" + end + end + end +end diff --git a/lib/ssh_scan/ssh_lib/nosssh.rb b/lib/ssh_scan/ssh_lib/nosssh.rb new file mode 100644 index 00000000..6175688d --- /dev/null +++ b/lib/ssh_scan/ssh_lib/nosssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class NosSSH + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/NOS-SSH_(\d+[\.\d+]+)/) + return nil if match.nil? + return NosSSH::Version.new(match[1]) + end + + def common + "nosssh" + end + + def cpe + "a:nosssh:nosssh" + end + end + end +end diff --git a/lib/ssh_scan/ssh_lib/pgp.rb b/lib/ssh_scan/ssh_lib/pgp.rb new file mode 100644 index 00000000..67a92e6a --- /dev/null +++ b/lib/ssh_scan/ssh_lib/pgp.rb @@ -0,0 +1,17 @@ +module SSHScan + module SSHLib + class PGP + def common + "pgp" + end + + def cpe + "a:pgp:pgp" + end + + def version + nil + end + end + end +end diff --git a/lib/ssh_scan/ssh_lib/romsshell.rb b/lib/ssh_scan/ssh_lib/romsshell.rb new file mode 100644 index 00000000..0e092538 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/romsshell.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class RomSShell + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/RomSShell_(\d+[\.\d+]+(p)?(\d+)?)/) + return nil if match.nil? + return RomSShell::Version.new(match[1]) + end + + def common + "romsshell" + end + + def cpe + "a:allegrosoft:romsshell" + end + end + end +end diff --git a/lib/ssh_scan/ssh_lib/sentryssh.rb b/lib/ssh_scan/ssh_lib/sentryssh.rb new file mode 100644 index 00000000..ee72b858 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/sentryssh.rb @@ -0,0 +1,17 @@ +module SSHScan + module SSHLib + class SentrySSH + def common + "sentryssh" + end + + def cpe + "a:servertech:sentryssh" + end + + def version + nil + end + end + end +end diff --git a/spec/ssh_scan/banner/os/freebsd_spec.rb b/spec/ssh_scan/banner/os/freebsd_spec.rb new file mode 100644 index 00000000..e4db4813 --- /dev/null +++ b/spec/ssh_scan/banner/os/freebsd_spec.rb @@ -0,0 +1,16 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when freebsd fingerprinting" do + expectations = { + "SSH-2.0-OpenSSH_5.4p1 FreeBSD-20100308" => { + :os_class => SSHScan::OS::FreeBSD, + :os_version => "", + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "5.4p1", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb b/spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb new file mode 100644 index 00000000..451e7e41 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when cryptlib fingerprinting" do + expectations = { + "SSH-2.0-cryptlib" => { + :ssh_lib_class => SSHScan::SSHLib::Cryptlib, + :ssh_lib_version => "", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb new file mode 100644 index 00000000..fac74b16 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when flowssh fingerprinting" do + expectations = { + "SSH-2.0-5.32 FlowSsh" => { + :ssh_lib_class => SSHScan::SSHLib::FlowSsh, + :ssh_lib_version => "5.32", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb new file mode 100644 index 00000000..8305daeb --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when ipssh fingerprinting" do + expectations = { + "SSH-2.0-IPSSH-6.6.0" => { + :ssh_lib_class => SSHScan::SSHLib::IpSsh, + :ssh_lib_version => "6.6.0", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb new file mode 100644 index 00000000..fd6cfad4 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when mpssh fingerprinting" do + expectations = { + "SSH-2.0-mpSSH_0.2.1" => { + :ssh_lib_class => SSHScan::SSHLib::Mpssh, + :ssh_lib_version => "0.2.1", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb new file mode 100644 index 00000000..23d14ff4 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when nosssh fingerprinting" do + expectations = { + "SSH-2.0-NOS-SSH_2.0" => { + :ssh_lib_class => SSHScan::SSHLib::NosSSH, + :ssh_lib_version => "2.0", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/openssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/openssh_spec.rb new file mode 100644 index 00000000..3ca892a7 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/openssh_spec.rb @@ -0,0 +1,38 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when openssh fingerprinting" do + expectations = { + "SSH-2.0-OpenSSH_7.3" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "7.3", + }, + "SSH-2.0-OpenSSH_6.8p1-hpn14v6" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.8p1", + }, + "SSH-2.0-OpenSSH_6.6.1" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.6.1", + }, + "SSH-2.0-OpenSSH_6.2 FIPS" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.2", + }, + "SSH-2.0-OpenSSH_6.2 FIPS" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.2", + }, + "SSH-2.0-OpenSSH_12.1" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "12.1", + }, + "SSH-1.99-OpenSSH_3.7.1p2" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "3.7.1p2", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/pgp_spec.rb b/spec/ssh_scan/banner/ssh_lib/pgp_spec.rb new file mode 100644 index 00000000..238ad8e0 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/pgp_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when pgp fingerprinting" do + expectations = { + "SSH-2.0-PGP" => { + :ssh_lib_class => SSHScan::SSHLib::PGP, + :ssh_lib_version => "", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb b/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb new file mode 100644 index 00000000..f9cdd582 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when romsshell fingerprinting" do + expectations = { + "SSH-2.0-RomSShell_4.62" => { + :ssh_lib_class => SSHScan::SSHLib::RomSShell, + :ssh_lib_version => "4.62", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb new file mode 100644 index 00000000..7c3f1ab4 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb @@ -0,0 +1,18 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when sentryssh fingerprinting" do + expectations = { + "SSH-2.0-Mocana SSH" => { + :ssh_lib_class => SSHScan::SSHLib::SentrySSH, + :ssh_lib_version => "", + }, + "SSH-2.0-ServerTech_SSH" => { + :ssh_lib_class => SSHScan::SSHLib::SentrySSH, + :ssh_lib_version => "", + }, + } + checkFingerprints(expectations) + end +end