Re: [NSE] script to check for weak SSH hostkeys

[Sven Klemm <sven () c3d2 de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Fifield wrote:
> On Sat, Oct 18, 2008 at 03:48:27PM +0200, Sven Klemm wrote:
> > attached is a script to check for weak SSH hostkeys. I am not sure
> > about merging this into nmap trunk because it depends on data files
> > not part of nmap. You can get those files for example from here:
> > http://packages.debian.org/source/testing/openssh-blacklist
> > http://packages.debian.org/source/testing/openssh-blacklist-extra
> >
> > It expects to find the blacklists in NMAPDATADIR with the following
> > name: openssh.blacklist.$algorithm-$bits
>
> Are there one or two common places where the blacklists are commonly
> installed? On Debian I have /etc/ssh/blacklist.DSA-1024 and
> /etc/ssh/blacklist.RSA-2048, which I believe were installed along with
> an openssh update after the OpenSSL vulnerability was fixed. If there is
> such a common place I think it would be better to check there rather
> than in one of Nmap's directories, where no one will install the
> blacklists unless they are specifically looking for weak keys. Nmap's
> directory could also be used.

On Debian they are installed in /usr/share/ssh. The problem with this
 place is it will not work on windows. I am not sure whether I can
check for windows from within nse but I could check in NMAPDATADIR,
/usr/share/ssh and then /etc/ssh the last two checks will probably
always fail on windows.

Cheers,
Sven

- --
Sven Klemm
http://cthulhu.c3d2.de/~sven/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEUEARECAAYFAkj61VAACgkQevlgTHEIT4aK4ACXd2tQweo1UtqC/GGMHGdSM1Wg
uQCfSwZbQfy+MNPTC5Q3NDxBJtxoTHk=
=cZmC
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org