Nmap Development mailing list archives

Re: Libssh2 Binding


From: George Chatzisofroniou <sophron () latthi com>
Date: Wed, 30 Jul 2014 17:02:40 +0300

Hi Devin,

On Fri, Jul 25, 2014 at 02:20:05PM -0500, devin bjelland wrote:
> Hi everyone,
>
> If you have been following my status reports, you will know that the last
> few weeks I have been working on a binding for libssh2. The motivation for
> the binding is that ssh2 is a relatively complex protocol and there are
> several high priority script ideas that interact with ssh2 [1]. You can
> check out my branch at /nmap-exp/devin/libssh2-integration.
>
> This is *nix only due to the way we employ nsock. For performance reasons,
> we reuse the NSE Nsock socket pool. In order to do this, we give libssh2 a
> unix socket pair [2] instead of a network socket. We read the data out of
> the other end of the socket pair and pass it to Nsock.
>
> Currently, the plan is to not include libssh2 with nmap. To configure
> support for libssh2:
> ./configure --with-libssh2=<path to library>
> or
> ./configure --with-libssh2
> if you have libssh2 installed in your path. Compile as usual. My branch
> contains bindings for the basic functions needed to interact with libssh2.
> The branch also has two new scripts to interact with the binding. This
> first script simply lists the available authentication methods on the
> server and can be used with
>
> ./nmap -p 22 --script=ssh-userauth-list <target>
>
> The other script attempts to brute force the ssh server. You can try it
> with the default wordlist with:
>
> ./nmap -vv -p 22 --script=ssh-brute --datadir=./ <target>
>
> More scripts will follow. I'm interested to see what the community would
> like done in terms of ssh support.

Is it possible to have the needed functionality written in Lua instead of
pointing to the existing C library? There is currently ssh2.lua that contains
some functions for the protocol. Would it be hard to extend it?

-- 
George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
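
The socket-pair arrangement described in the quoted message, sketched as an added example that is not code from the Nmap branch or from either poster: one end of an AF_UNIX pair plays the descriptor a library such as libssh2 would be given, and a non-blocking pump moves bytes between the other end and the connection. The second socket pair standing in for the Nsock-managed network socket, the function names and the banner strings are assumptions constructed for the demo.

```c
#include <poll.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Move pending bytes from `from` to `to` without blocking.
 * Returns bytes moved, 0 when nothing is pending, -1 on EOF or error. */
static ssize_t pump_once(int from, int to) {
    struct pollfd p = { .fd = from, .events = POLLIN };
    char buf[4096];
    if (poll(&p, 1, 0) <= 0 || !(p.revents & POLLIN))
        return 0;
    ssize_t n = read(from, buf, sizeof buf);
    if (n <= 0)
        return -1;
    for (ssize_t off = 0; off < n; ) {          /* handle short writes */
        ssize_t w = write(to, buf + off, (size_t)(n - off));
        if (w < 0)
            return -1;
        off += w;
    }
    return n;
}

/* Write msg into `in`, pump from -> to, and check it arrives intact on `out`. */
static int crosses(int in, int from, int to, int out, const char *msg) {
    char got[64] = {0};
    ssize_t len = (ssize_t)strlen(msg);
    return write(in, msg, (size_t)len) == len
        && pump_once(from, to) == len
        && read(out, got, sizeof got - 1) == len
        && strcmp(got, msg) == 0;
}

/* Returns 1 if data crosses the bridge both ways and an idle pump moves nothing. */
int bridge_demo(void) {
    int lib[2], net[2];  /* lib[0]: the library's fd, lib[1]: bridge end */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, lib) < 0)
        return 0;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, net) < 0) {  /* stand-in for the network socket */
        close(lib[0]); close(lib[1]);
        return 0;
    }
    int ok = crosses(lib[0], lib[1], net[0], net[1], "SSH-2.0-client\r\n")  /* outbound */
          && crosses(net[1], net[0], lib[1], lib[0], "SSH-2.0-server\r\n")  /* inbound */
          && pump_once(lib[1], net[0]) == 0;                                /* idle */
    close(lib[0]); close(lib[1]); close(net[0]); close(net[1]);
    return ok;
}

int main(void) { return bridge_demo() ? 0 : 1; }
```

Because the library only ever sees a local descriptor, all real network I/O stays with whatever event loop owns the other end, which is also why the approach depends on `socketpair()` being available.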