-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssh-publickey-acceptance does not work #2917
Comments
One of the issues is rectified by #2919. However, applying this fix seems to allow the execution to reach some other faulty code further down, when testing the actual authentication in |
Looks to me like the session is freed at some point for valid user/key combinations and not handled correctly afterwards. Appears to fail in libssh2/src/userauth.c, line 1706 on LIBSSH2_FREE. I added a related check I found to the callback function, which seems to fix the issue. |
Simply returning 1 on callback also seems to be sufficient, so we hit the callback error check in userauth.c, line 1683 #2924 |
What seems to be happening is the following:
Since this already confirms we "canauth()" I think it's safe to exit from the authentication process at this point by returning 1 from the callback and triggering the callback error. |
Describe the bug
Running the ssh-publickey-acceptance NSE script gives false negative when testing my own public key against my own server.
To Reproduce
nmap -p 22 --script ssh-publickey-acceptance --script-args "ssh.usernames={'root'}, ssh.publickeys={'./id_rsa.pub'}" myserver.com
Expected behavior
Script should tell me the public key is accepted
Version info (please complete the following information):
nmap --version
:The text was updated successfully, but these errors were encountered: