New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Get SSH issue banner message with Nmap #1389

Open
manmolecular opened this Issue Nov 14, 2018 · 1 comment

Comments

Projects
None yet
2 participants
@manmolecular

manmolecular commented Nov 14, 2018

Greetings.

I am trying to get an issue.net message (Welcome or Warning banner message from /etc/issue.net file) from a remote SSH server, this message appears immediately after connecting to the server (before the password login prompt, so we don't need to enter a password - we just need to connect to the SSH server).

For example, it looks looks like this:

user@user-pc:~& ssh root@localhost
Ubuntu 18.04.1 LTS
root@localhost's password: 

As you can see, issue welcome message "Ubuntu 18.04.1 LTS" appears before password prompt.

I wanted to ask if there is a way to get this SSH issue.net banner message with Nmap or maybe with some NSE scripts without login? Can this be done with Nmap?

Thanks in advance.

@dmiller-nmap

This comment has been minimized.

dmiller-nmap commented Nov 27, 2018

This is the SSH_MESSAGE_USERAUTH_BANNER message, which is delivered encrypted during authentication. We rely on libssh2 for SSH communication, and libssh2 does not currently support retrieving the banner. But I did take some time and implement it: libssh2/libssh2#274

I also have some private code to use this in NSE, but I can't release it until I have configure checks and preprocessor guards for the appropriate code, since it wouldn't build against anything but my patched version of libssh2. I hope to find a bit more time to work on this soon. Thanks for the idea!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment