From 5c07d60c3b33db510dd4665cc0d84e4052a5508f Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 22:24:59 -0400 Subject: [PATCH 01/11] Add openssh unit-tests --- spec/ssh_scan/banner/ssh_lib/openssh_spec.rb | 38 ++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 spec/ssh_scan/banner/ssh_lib/openssh_spec.rb diff --git a/spec/ssh_scan/banner/ssh_lib/openssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/openssh_spec.rb new file mode 100644 index 00000000..3ca892a7 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/openssh_spec.rb @@ -0,0 +1,38 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when openssh fingerprinting" do + expectations = { + "SSH-2.0-OpenSSH_7.3" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "7.3", + }, + "SSH-2.0-OpenSSH_6.8p1-hpn14v6" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.8p1", + }, + "SSH-2.0-OpenSSH_6.6.1" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.6.1", + }, + "SSH-2.0-OpenSSH_6.2 FIPS" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.2", + }, + "SSH-2.0-OpenSSH_6.2 FIPS" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "6.2", + }, + "SSH-2.0-OpenSSH_12.1" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "12.1", + }, + "SSH-1.99-OpenSSH_3.7.1p2" => { + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "3.7.1p2", + }, + } + checkFingerprints(expectations) + end +end From d3ce1521e94ab6918960e126c3372f31aed2862a Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 22:29:42 -0400 Subject: [PATCH 02/11] add --- spec/ssh_scan/banner/os/freebsd_spec.rb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 spec/ssh_scan/banner/os/freebsd_spec.rb diff --git a/spec/ssh_scan/banner/os/freebsd_spec.rb b/spec/ssh_scan/banner/os/freebsd_spec.rb new file mode 100644 index 00000000..e4db4813 --- /dev/null +++ b/spec/ssh_scan/banner/os/freebsd_spec.rb @@ -0,0 +1,16 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when freebsd fingerprinting" do + expectations = { + "SSH-2.0-OpenSSH_5.4p1 FreeBSD-20100308" => { + :os_class => SSHScan::OS::FreeBSD, + :os_version => "", + :ssh_lib_class => SSHScan::SSHLib::OpenSSH, + :ssh_lib_version => "5.4p1", + }, + } + checkFingerprints(expectations) + end +end From a9c3b0b102c33492c8d0b4374367600a3aae718b Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 22:38:00 -0400 Subject: [PATCH 03/11] Add more romsshell and openssh fingerprints --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/openssh.rb | 2 +- lib/ssh_scan/ssh_lib/romsshell.rb | 34 +++++++++++++++++++ .../ssh_scan/banner/ssh_lib/romsshell_spec.rb | 14 ++++++++ 5 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 lib/ssh_scan/ssh_lib/romsshell.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index d47b3008..7586f175 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -33,6 +33,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::DOPRASSH.new() when /dropbear/i return SSHScan::SSHLib::Dropbear.new(@string) + when /RomSShell/i + return SSHScan::SSHLib::RomSShell.new(@string) else return SSHScan::SSHLib::Unknown.new() end diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index 19da684b..319195ad 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -4,4 +4,5 @@ require 'ssh_scan/ssh_lib/rosssh' require 'ssh_scan/ssh_lib/doprassh' require 'ssh_scan/ssh_lib/dropbear' +require 'ssh_scan/ssh_lib/romsshell' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/openssh.rb b/lib/ssh_scan/ssh_lib/openssh.rb index 734c15ef..894934fa 100644 --- a/lib/ssh_scan/ssh_lib/openssh.rb +++ b/lib/ssh_scan/ssh_lib/openssh.rb @@ -17,7 +17,7 @@ def initialize(banner = nil) def version() return nil if @banner.nil? - match = @banner.match(/OpenSSH_(\d+[\.\d+]+(p)?(\d+)?)/) + match = @banner.match(/RomSShell_(\d+[\.\d+]+(p)?(\d+)?)/) return nil if match.nil? return OpenSSH::Version.new(match[1]) end diff --git a/lib/ssh_scan/ssh_lib/romsshell.rb b/lib/ssh_scan/ssh_lib/romsshell.rb new file mode 100644 index 00000000..0e092538 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/romsshell.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class RomSShell + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/RomSShell_(\d+[\.\d+]+(p)?(\d+)?)/) + return nil if match.nil? + return RomSShell::Version.new(match[1]) + end + + def common + "romsshell" + end + + def cpe + "a:allegrosoft:romsshell" + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb b/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb new file mode 100644 index 00000000..8e2c81c5 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when openssh fingerprinting" do + expectations = { + "SSH-2.0-RomSShell_4.62" => { + :ssh_lib_class => SSHScan::SSHLib::RomSShell, + :ssh_lib_version => "4.62", + }, + } + checkFingerprints(expectations) + end +end From d4501888300d3ee8ec94f3674717508f92347e26 Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 22:43:37 -0400 Subject: [PATCH 04/11] Add flowssh, fix romshell unit-tests --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/flowssh.rb | 34 +++++++++++++++++++ spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb | 14 ++++++++ .../ssh_scan/banner/ssh_lib/romsshell_spec.rb | 2 +- 5 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 lib/ssh_scan/ssh_lib/flowssh.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index 7586f175..84b7e02b 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -35,6 +35,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::Dropbear.new(@string) when /RomSShell/i return SSHScan::SSHLib::RomSShell.new(@string) + when /Flowssh/i + return SSHScan::SSHLib::FlowSsh.new(@string) else return SSHScan::SSHLib::Unknown.new() end diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index 319195ad..fd26a56c 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -5,4 +5,5 @@ require 'ssh_scan/ssh_lib/doprassh' require 'ssh_scan/ssh_lib/dropbear' require 'ssh_scan/ssh_lib/romsshell' +require 'ssh_scan/ssh_lib/flowssh' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/flowssh.rb b/lib/ssh_scan/ssh_lib/flowssh.rb new file mode 100644 index 00000000..b40cf5cd --- /dev/null +++ b/lib/ssh_scan/ssh_lib/flowssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class FlowSsh + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/(\d+[\.\d+]+(p)?(\d+)?) FlowSsh/) + return nil if match.nil? + return FlowSsh::Version.new(match[1]) + end + + def common + "flowssh" + end + + def cpe + "a:bitvise:flowssh" + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb new file mode 100644 index 00000000..fac74b16 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/flowssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when flowssh fingerprinting" do + expectations = { + "SSH-2.0-5.32 FlowSsh" => { + :ssh_lib_class => SSHScan::SSHLib::FlowSsh, + :ssh_lib_version => "5.32", + }, + } + checkFingerprints(expectations) + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb b/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb index 8e2c81c5..f9cdd582 100644 --- a/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb +++ b/spec/ssh_scan/banner/ssh_lib/romsshell_spec.rb @@ -2,7 +2,7 @@ require_relative '../helper' describe SSHScan::Banner do - context "when openssh fingerprinting" do + context "when romsshell fingerprinting" do expectations = { "SSH-2.0-RomSShell_4.62" => { :ssh_lib_class => SSHScan::SSHLib::RomSShell, From 382616465c7ee7748bd531d3f4ed2b95c5b4999f Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 22:50:56 -0400 Subject: [PATCH 05/11] Add cryptlib fingerprints --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/cryptlib.rb | 17 +++++++++++++++++ spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb | 14 ++++++++++++++ 4 files changed, 34 insertions(+) create mode 100644 lib/ssh_scan/ssh_lib/cryptlib.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index 84b7e02b..9564b28b 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -31,6 +31,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::ROSSSH.new() when /DOPRASSH/i return SSHScan::SSHLib::DOPRASSH.new() + when /cryptlib/i + return SSHScan::SSHLib::Cryptlib.new() when /dropbear/i return SSHScan::SSHLib::Dropbear.new(@string) when /RomSShell/i diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index fd26a56c..c5a474bf 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -6,4 +6,5 @@ require 'ssh_scan/ssh_lib/dropbear' require 'ssh_scan/ssh_lib/romsshell' require 'ssh_scan/ssh_lib/flowssh' +require 'ssh_scan/ssh_lib/cryptlib' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/cryptlib.rb b/lib/ssh_scan/ssh_lib/cryptlib.rb new file mode 100644 index 00000000..ec57cb98 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/cryptlib.rb @@ -0,0 +1,17 @@ +module SSHScan + module SSHLib + class Cryptlib + def common + "cryptlib" + end + + def cpe + "a:cryptlib:cryptlib" + end + + def version + nil + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb b/spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb new file mode 100644 index 00000000..451e7e41 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/cryptlib_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when cryptlib fingerprinting" do + expectations = { + "SSH-2.0-cryptlib" => { + :ssh_lib_class => SSHScan::SSHLib::Cryptlib, + :ssh_lib_version => "", + }, + } + checkFingerprints(expectations) + end +end From 917f3588554fc5b7550bfe212617a0fd2b1162ed Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 22:57:17 -0400 Subject: [PATCH 06/11] Add mpssh fingerprints --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/mpssh.rb | 34 ++++++++++++++++++++++ spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb | 14 +++++++++ 4 files changed, 51 insertions(+) create mode 100644 lib/ssh_scan/ssh_lib/mpssh.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index 9564b28b..46bf59c7 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -33,6 +33,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::DOPRASSH.new() when /cryptlib/i return SSHScan::SSHLib::Cryptlib.new() + when /mpssh/i + return SSHScan::SSHLib::Mpssh.new(@string) when /dropbear/i return SSHScan::SSHLib::Dropbear.new(@string) when /RomSShell/i diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index c5a474bf..e5430b6d 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -7,4 +7,5 @@ require 'ssh_scan/ssh_lib/romsshell' require 'ssh_scan/ssh_lib/flowssh' require 'ssh_scan/ssh_lib/cryptlib' +require 'ssh_scan/ssh_lib/mpssh' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/mpssh.rb b/lib/ssh_scan/ssh_lib/mpssh.rb new file mode 100644 index 00000000..44081e2e --- /dev/null +++ b/lib/ssh_scan/ssh_lib/mpssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class Mpssh + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/mpSSH_(\d+[\.\d+]+(p)?(\d+)?)/i) + return nil if match.nil? + return Mpssh::Version.new(match[1]) + end + + def common + "mpssh" + end + + def cpe + "a:mpssh:mpssh" + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb new file mode 100644 index 00000000..fd6cfad4 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/mpssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when mpssh fingerprinting" do + expectations = { + "SSH-2.0-mpSSH_0.2.1" => { + :ssh_lib_class => SSHScan::SSHLib::Mpssh, + :ssh_lib_version => "0.2.1", + }, + } + checkFingerprints(expectations) + end +end From 67d426905ad7d655ccfb6e8cc4943f7f6eebeeb4 Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 23:04:13 -0400 Subject: [PATCH 07/11] Add sentryssh --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/sentryssh.rb | 17 +++++++++++++++++ spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb | 18 ++++++++++++++++++ 4 files changed, 38 insertions(+) create mode 100644 lib/ssh_scan/ssh_lib/sentryssh.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index 46bf59c7..1ab74b15 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -33,6 +33,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::DOPRASSH.new() when /cryptlib/i return SSHScan::SSHLib::Cryptlib.new() + when /ServerTech_SSH|Mocana SSH/i + return SSHScan::SSHLib::SentrySSH.new() when /mpssh/i return SSHScan::SSHLib::Mpssh.new(@string) when /dropbear/i diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index e5430b6d..f7c6f879 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -8,4 +8,5 @@ require 'ssh_scan/ssh_lib/flowssh' require 'ssh_scan/ssh_lib/cryptlib' require 'ssh_scan/ssh_lib/mpssh' +require 'ssh_scan/ssh_lib/sentryssh' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/sentryssh.rb b/lib/ssh_scan/ssh_lib/sentryssh.rb new file mode 100644 index 00000000..ee72b858 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/sentryssh.rb @@ -0,0 +1,17 @@ +module SSHScan + module SSHLib + class SentrySSH + def common + "sentryssh" + end + + def cpe + "a:servertech:sentryssh" + end + + def version + nil + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb new file mode 100644 index 00000000..7c3f1ab4 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/sentryssh_spec.rb @@ -0,0 +1,18 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when sentryssh fingerprinting" do + expectations = { + "SSH-2.0-Mocana SSH" => { + :ssh_lib_class => SSHScan::SSHLib::SentrySSH, + :ssh_lib_version => "", + }, + "SSH-2.0-ServerTech_SSH" => { + :ssh_lib_class => SSHScan::SSHLib::SentrySSH, + :ssh_lib_version => "", + }, + } + checkFingerprints(expectations) + end +end From 62835ff5bf9401915be7a107cf8b95c6cfe8718b Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 23:09:26 -0400 Subject: [PATCH 08/11] Add ipssh fingerprint --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/ipssh.rb | 34 ++++++++++++++++++++++ spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb | 14 +++++++++ 4 files changed, 51 insertions(+) create mode 100644 lib/ssh_scan/ssh_lib/ipssh.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index 1ab74b15..ddbf84c5 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -25,6 +25,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::OpenSSH.new(@string) when /LibSSH/i return SSHScan::SSHLib::LibSSH.new() + when /ipssh/i + return SSHScan::SSHLib::IpSsh.new(@string) when /Cisco/i return SSHScan::SSHLib::CiscoSSH.new() when /ROS/ diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index f7c6f879..5884c2e0 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -9,4 +9,5 @@ require 'ssh_scan/ssh_lib/cryptlib' require 'ssh_scan/ssh_lib/mpssh' require 'ssh_scan/ssh_lib/sentryssh' +require 'ssh_scan/ssh_lib/ipssh' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/ipssh.rb b/lib/ssh_scan/ssh_lib/ipssh.rb new file mode 100644 index 00000000..68f6fad4 --- /dev/null +++ b/lib/ssh_scan/ssh_lib/ipssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class IpSsh + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/IPSSH-(\d+[\.\d+]+(p)?(\d+)?)/) + return nil if match.nil? + return IpSsh::Version.new(match[1]) + end + + def common + "ipssh" + end + + def cpe + "a:ipssh:ipssh" + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb new file mode 100644 index 00000000..8305daeb --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/ipssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when ipssh fingerprinting" do + expectations = { + "SSH-2.0-IPSSH-6.6.0" => { + :ssh_lib_class => SSHScan::SSHLib::IpSsh, + :ssh_lib_version => "6.6.0", + }, + } + checkFingerprints(expectations) + end +end From 169cecd896ffe7e1f238a4287ed3b102b81fe4e7 Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 23:12:11 -0400 Subject: [PATCH 09/11] Add pgp fingerprint --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/pgp.rb | 17 +++++++++++++++++ spec/ssh_scan/banner/ssh_lib/pgp_spec.rb | 14 ++++++++++++++ 4 files changed, 34 insertions(+) create mode 100644 lib/ssh_scan/ssh_lib/pgp.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/pgp_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index ddbf84c5..a34e4e78 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -35,6 +35,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::DOPRASSH.new() when /cryptlib/i return SSHScan::SSHLib::Cryptlib.new() + when /pgp/i + return SSHScan::SSHLib::PGP.new() when /ServerTech_SSH|Mocana SSH/i return SSHScan::SSHLib::SentrySSH.new() when /mpssh/i diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index 5884c2e0..8da053d4 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -10,4 +10,5 @@ require 'ssh_scan/ssh_lib/mpssh' require 'ssh_scan/ssh_lib/sentryssh' require 'ssh_scan/ssh_lib/ipssh' +require 'ssh_scan/ssh_lib/pgp' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/pgp.rb b/lib/ssh_scan/ssh_lib/pgp.rb new file mode 100644 index 00000000..67a92e6a --- /dev/null +++ b/lib/ssh_scan/ssh_lib/pgp.rb @@ -0,0 +1,17 @@ +module SSHScan + module SSHLib + class PGP + def common + "pgp" + end + + def cpe + "a:pgp:pgp" + end + + def version + nil + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/pgp_spec.rb b/spec/ssh_scan/banner/ssh_lib/pgp_spec.rb new file mode 100644 index 00000000..238ad8e0 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/pgp_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when pgp fingerprinting" do + expectations = { + "SSH-2.0-PGP" => { + :ssh_lib_class => SSHScan::SSHLib::PGP, + :ssh_lib_version => "", + }, + } + checkFingerprints(expectations) + end +end From ebee7264a8a2cea4b337b5965776629711887bee Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 23:25:17 -0400 Subject: [PATCH 10/11] Add nosssh fingerprint --- lib/ssh_scan/banner.rb | 2 ++ lib/ssh_scan/ssh_lib.rb | 1 + lib/ssh_scan/ssh_lib/nosssh.rb | 34 +++++++++++++++++++++ spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb | 14 +++++++++ 4 files changed, 51 insertions(+) create mode 100644 lib/ssh_scan/ssh_lib/nosssh.rb create mode 100644 spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb diff --git a/lib/ssh_scan/banner.rb b/lib/ssh_scan/banner.rb index a34e4e78..d622e25b 100644 --- a/lib/ssh_scan/banner.rb +++ b/lib/ssh_scan/banner.rb @@ -35,6 +35,8 @@ def ssh_lib_guess() return SSHScan::SSHLib::DOPRASSH.new() when /cryptlib/i return SSHScan::SSHLib::Cryptlib.new() + when /NOS-SSH/i + return SSHScan::SSHLib::NosSSH.new(@string) when /pgp/i return SSHScan::SSHLib::PGP.new() when /ServerTech_SSH|Mocana SSH/i diff --git a/lib/ssh_scan/ssh_lib.rb b/lib/ssh_scan/ssh_lib.rb index 8da053d4..ecf2e312 100644 --- a/lib/ssh_scan/ssh_lib.rb +++ b/lib/ssh_scan/ssh_lib.rb @@ -11,4 +11,5 @@ require 'ssh_scan/ssh_lib/sentryssh' require 'ssh_scan/ssh_lib/ipssh' require 'ssh_scan/ssh_lib/pgp' +require 'ssh_scan/ssh_lib/nosssh' require 'ssh_scan/ssh_lib/unknown' diff --git a/lib/ssh_scan/ssh_lib/nosssh.rb b/lib/ssh_scan/ssh_lib/nosssh.rb new file mode 100644 index 00000000..6175688d --- /dev/null +++ b/lib/ssh_scan/ssh_lib/nosssh.rb @@ -0,0 +1,34 @@ +module SSHScan + module SSHLib + class NosSSH + class Version + def initialize(version_string) + @version_string = version_string + end + + def to_s + @version_string + end + end + + def initialize(banner = nil) + @banner = banner + end + + def version() + return nil if @banner.nil? + match = @banner.match(/NOS-SSH_(\d+[\.\d+]+)/) + return nil if match.nil? + return NosSSH::Version.new(match[1]) + end + + def common + "nosssh" + end + + def cpe + "a:nosssh:nosssh" + end + end + end +end diff --git a/spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb b/spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb new file mode 100644 index 00000000..23d14ff4 --- /dev/null +++ b/spec/ssh_scan/banner/ssh_lib/nosssh_spec.rb @@ -0,0 +1,14 @@ +require 'rspec' +require_relative '../helper' + +describe SSHScan::Banner do + context "when nosssh fingerprinting" do + expectations = { + "SSH-2.0-NOS-SSH_2.0" => { + :ssh_lib_class => SSHScan::SSHLib::NosSSH, + :ssh_lib_version => "2.0", + }, + } + checkFingerprints(expectations) + end +end From c09ece5336d3f9c1c52d6994d8a281e3880cda20 Mon Sep 17 00:00:00 2001 From: Jonathan Claudius Date: Tue, 27 Sep 2016 23:29:57 -0400 Subject: [PATCH 11/11] Fix openssh bug introduced --- lib/ssh_scan/ssh_lib/openssh.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ssh_scan/ssh_lib/openssh.rb b/lib/ssh_scan/ssh_lib/openssh.rb index 894934fa..734c15ef 100644 --- a/lib/ssh_scan/ssh_lib/openssh.rb +++ b/lib/ssh_scan/ssh_lib/openssh.rb @@ -17,7 +17,7 @@ def initialize(banner = nil) def version() return nil if @banner.nil? - match = @banner.match(/RomSShell_(\d+[\.\d+]+(p)?(\d+)?)/) + match = @banner.match(/OpenSSH_(\d+[\.\d+]+(p)?(\d+)?)/) return nil if match.nil? return OpenSSH::Version.new(match[1]) end