Nmap Development mailing list archives
Re: [NSE] script to check for weak SSH hostkeys
From: Sven Klemm <sven () c3d2 de>
Date: Sun, 19 Oct 2008 08:36:00 +0200
David Fifield wrote:
> On Sat, Oct 18, 2008 at 03:48:27PM +0200, Sven Klemm wrote:
>> attached is a script to check for weak SSH hostkeys. I am not sure about
>> merging this into nmap trunk because it depends on data files not part of
>> nmap. You can get those files for example from here:
>> http://packages.debian.org/source/testing/openssh-blacklist
>> http://packages.debian.org/source/testing/openssh-blacklist-extra
>>
>> It expects to find the blacklists in NMAPDATADIR with the following name:
>> openssh.blacklist.$algorithm-$bits
>
> Are there one or two common places where the blacklists are commonly
> installed? On Debian I have /etc/ssh/blacklist.DSA-1024 and
> /etc/ssh/blacklist.RSA-2048, which I believe were installed along with an
> openssh update after the OpenSSL vulnerability was fixed. If there is such a
> common place I think it would be better to check there rather than in one of
> Nmap's directories, where no one will install the blacklists unless they are
> specifically looking for weak keys. Nmap's directory could also be used.

On Debian they are installed in /usr/share/ssh. The problem with this place is that it will not work on Windows. I am not sure whether I can check for Windows from within NSE, but I could check in NMAPDATADIR, /usr/share/ssh and then /etc/ssh; the last two checks will probably always fail on Windows.

Cheers,
Sven

-- 
Sven Klemm
http://cthulhu.c3d2.de/~sven/
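
The lookup order proposed in this message (NMAPDATADIR, then /usr/share/ssh, then /etc/ssh), as an added example that is not part of the original post or of the NSE script under discussion; it is written in Python so it runs outside Nmap. The function names are hypothetical, and the `blacklist.$algorithm-$bits` name in /usr/share/ssh and the file format (one entry per line holding the last 20 hex digits of the key's MD5 fingerprint, `#` comment lines) are assumptions about the Debian packages.

```python
import os
import tempfile

SYSTEM_DIRS = ["/usr/share/ssh", "/etc/ssh"]  # Debian locations named in the thread

def candidate_paths(algorithm, bits, nmap_datadir, system_dirs=SYSTEM_DIRS):
    """Blacklist paths to try, in order, for e.g. ("RSA", 2048)."""
    suffix = "%s-%d" % (algorithm.upper(), bits)
    paths = []
    if nmap_datadir:
        # File name the script expects inside NMAPDATADIR.
        paths.append(os.path.join(nmap_datadir, "openssh.blacklist." + suffix))
    # Debian package naming, e.g. /etc/ssh/blacklist.RSA-2048; on Windows these
    # directories do not exist, so the candidates are simply skipped.
    paths.extend(os.path.join(d, "blacklist." + suffix) for d in system_dirs)
    return paths

def find_blacklist(algorithm, bits, nmap_datadir, system_dirs=SYSTEM_DIRS):
    """First readable blacklist file, or None when none is installed."""
    for path in candidate_paths(algorithm, bits, nmap_datadir, system_dirs):
        if os.path.isfile(path) and os.access(path, os.R_OK):
            return path
    return None

def load_blacklist(path):
    """Assumed format: one entry per line, lines starting with '#' are comments."""
    with open(path, "r", encoding="ascii", errors="replace") as fh:
        lines = (line.strip().lower() for line in fh)
        return {line for line in lines if line and not line.startswith("#")}

def is_blacklisted(md5_fingerprint, entries):
    """Assumption: an entry is the last 20 hex digits of the key's MD5 fingerprint."""
    digits = md5_fingerprint.replace(":", "").lower()
    return len(digits) == 32 and digits[-20:] in entries

def demo():
    """Run the lookup against a constructed directory tree and blacklist."""
    fingerprint = "00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff"  # constructed
    with tempfile.TemporaryDirectory() as root:
        datadir = os.path.join(root, "nmapdata")  # stands in for NMAPDATADIR, empty
        etc_ssh = os.path.join(root, "etc_ssh")   # stands in for /etc/ssh
        os.makedirs(datadir)
        os.makedirs(etc_ssh)
        with open(os.path.join(etc_ssh, "blacklist.RSA-2048"), "w") as fh:
            fh.write("# constructed sample\n66778899aabbccddeeff\n")
        found = find_blacklist("rsa", 2048, datadir, [etc_ssh])
        entries = load_blacklist(found)
        return os.path.basename(found), is_blacklisted(fingerprint, entries)
```

Calling `demo()` shows the fallback: the empty stand-in for NMAPDATADIR is tried first and the file is then found under the Debian name.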