Nmap Development mailing list archives
Re: Bad ssh keys cause script failure
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 24 Sep 2015 20:02:17 -0500
Peter, Thanks for this bug report. I believe this is a known issue that was fixed in 6.49BETA1, though it didn't make it into the changelog. The problem that was fixed was not the key being "bad" but the key exchange requiring the Oakley group 14 prime for diffie-hellman [1]. If this is *not* the problem you are seeing, please let us know and include some information like a packet capture or server configuration so we can correct the problem. Dan [1] http://seclists.org/nmap-dev/2014/q3/359 On Mon, Sep 14, 2015 at 11:55 PM, Peter Davis <peter.davis8 () gmail com> wrote:
Hello, It seems that if one an ssh key matches an nmap target and the ssh key is bad in some way, the nmap script `ssh-hostkey` fails. Obviously not directly an nmap problem, but thought you might like to know. This is using a freshly installed 6.87 from homebrew. Relevant traceback is below. ...... Completed Service scan at 14:47, 0.00s elapsed (1 service on 1 host) NSE: Script scanning 192.168.11.31. NSE: Starting runlevel 1 (of 2) scan. NSE: Starting address-info against 192.168.11.31. NSE: Starting ssh-hostkey against 192.168.11.31:22. NSE: Starting sshv1 against 192.168.11.31:22. Initiating NSE at 14:47 NSE: Finished address-info against 192.168.11.31. NSE: Finished sshv1 against 192.168.11.31:22. NSE: ssh-hostkey against 192.168.11.31:22 threw an error! /usr/local/bin/../share/nmap/nselib/ssh2.lua:86: assertion failed! stack traceback: [C]: in function 'assert' /usr/local/bin/../share/nmap/nselib/ssh2.lua:86: in function 'payload' /usr/local/bin/../share/nmap/nselib/ssh2.lua:199: in function 'fetch_host_key' /usr/local/bin/../share/nmap/scripts/ssh-hostkey.nse:277: in function </usr/local/bin/../share/nmap/scripts/ssh-hostkey.nse:267> (...tail calls...) Completed NSE at 14:47, 0.01s elapsed ..... Regards, Peter _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bad ssh keys cause script failure Peter Davis (Sep 15)
- Re: Bad ssh keys cause script failure Daniel Miller (Sep 24)