Re: Libssh2 Binding

[devin bjelland <devinbjelland () gmail com>]

It would certainly be possible to implement more of the ssh2 protocol in
Lua. ssh2.lua currently just contains code to parse ssh2 packets and
extract the hostkeys. The rationale for using a pre-existing library like
libssh2 is that the entire ssh protocol is rather large and complex. This
way, we know we have a efficient implementation and can easily add bindings
for more functions as needed.
For example, there is a script suggestion to be able run commands remotely
over ssh [1]. This will be straightforward and short using the libshh2
library. In order to implement the functionality in ssh2.lua, we would have
to write a fair bit of logic dealing with handling ssh2 channels.

Devin

[1]
https://secwiki.org/w/Nmap/Script_Ideas#Linux.2FUNIX_local_commands_over_ssh


On Wed, Jul 30, 2014 at 9:02 AM, George Chatzisofroniou <sophron () latthi com>
wrote:

> Hi Devin,
>
> On Fri, Jul 25, 2014 at 02:20:05PM -0500, devin bjelland wrote:
> > Hi everyone,
> >
> > If you have been following my status reports, you will know that the last
> > few weeks I have been working on a binding for libssh2. The motivation
> for
> > the binding is that ssh2 is a relatively complex protocol and there are
> > several high priority scripts ideas that interact with ssh2 [1]. You can
> > check out my branch at /nmap-exp/devin/libssh2-integration.
> >
> > This is *nix only due to the way we employ nsock. For performance
> reasons,
> > we reuse the NSE Nsock socket pool. In order to do this, we give libssh2
> a
> > unix socket pair [2] instead of a network socket. We read the data out of
> > the other end of the socket pair and pass it to Nsock.
> >
> > Currently, the plan is to not include libssh2 with nmap. To configure
> > support for libssh2:
> > ./configure --with-libssh2=<path to library>
> > or
> > ./configure --with-libssh2
> > if you have libssh2 installed in your path. Compile as usual. My branch
> > contains bindings for the basic functions needed to interact with
> libssh2.
> > The branch also has two new scripts to interact with the binding. This
> > first script simply lists the available authentication methods on the
> > server and can be used with
> >
> > ./nmap -p 22 --script=ssh-userauth-list <target>
> >
> > The other script attempts to brute force the ssh server. You can try it
> > with the default wordlist with:
> >
> > ./nmap -vv -p 22 --script=ssh-brute --datadir=./ <target>
> >
> > More scripts will follow. I'm interested to see what the community would
> > like done in terms of ssh support.
>
> Is it possible to have the needed functionality written in Lua instead of
> pointing to the existing C library? There is currently ssh2.lua that
> contains
> some functions for the protocol. Would it be hard to extend it?
>
> --
> George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/