Nmap Development mailing list archives
Re: Libssh2 Binding
From: devin bjelland <devinbjelland () gmail com>
Date: Wed, 30 Jul 2014 11:35:32 -0500
It would certainly be possible to implement more of the ssh2 protocol in Lua. ssh2.lua currently just contains code to parse ssh2 packets and extract the hostkeys. The rationale for using a pre-existing library like libssh2 is that the entire ssh protocol is rather large and complex. This way, we know we have an efficient implementation and can easily add bindings for more functions as needed. For example, there is a script suggestion to be able to run commands remotely over ssh [1]. This will be straightforward and short using the libssh2 library. In order to implement the functionality in ssh2.lua, we would have to write a fair bit of logic dealing with handling ssh2 channels.

Devin

[1] https://secwiki.org/w/Nmap/Script_Ideas#Linux.2FUNIX_local_commands_over_ssh

On Wed, Jul 30, 2014 at 9:02 AM, George Chatzisofroniou <sophron () latthi com> wrote:
> Hi Devin,
>
> On Fri, Jul 25, 2014 at 02:20:05PM -0500, devin bjelland wrote:
> > Hi everyone,
> >
> > If you have been following my status reports, you will know that the last few weeks I have been working on a binding for libssh2. The motivation for the binding is that ssh2 is a relatively complex protocol and there are several high priority scripts ideas that interact with ssh2 [1].
> >
> > You can check out my branch at /nmap-exp/devin/libssh2-integration. This is *nix only due to the way we employ nsock. For performance reasons, we reuse the NSE Nsock socket pool. In order to do this, we give libssh2 a unix socket pair [2] instead of a network socket. We read the data out of the other end of the socket pair and pass it to Nsock.
> >
> > Currently, the plan is to not include libssh2 with nmap. To configure support for libssh2:
> >
> > ./configure --with-libssh2=<path to library>
> >
> > or
> >
> > ./configure --with-libssh2
> >
> > if you have libssh2 installed in your path. Compile as usual.
> >
> > My branch contains bindings for the basic functions needed to interact with libssh2. The branch also has two new scripts to interact with the binding. This first script simply lists the available authentication methods on the server and can be used with
> >
> > ./nmap -p 22 --script=ssh-userauth-list <target>
> >
> > The other script attempts to brute force the ssh server. You can try it with the default wordlist with:
> >
> > ./nmap -vv -p 22 --script=ssh-brute --datadir=./ <target>
> >
> > More scripts will follow. I'm interested to see what the community would like done in terms of ssh support.
>
> Is it possible to have the needed functionality written in Lua instead of pointing to the existing C library? There is currently ssh2.lua that contains some functions for the protocol. Would it be hard to extend it?
>
> --
> George Chatzisofroniou
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
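
The socket-pair arrangement described in the quoted message (the library is handed one end of a unix socket pair, and the host program drains the other end into its own transport) can be sketched as follows. This is an added example, not code from the thread or from the libssh2-integration branch; `pump` and `relay_roundtrip` are hypothetical names, and a second socket pair stands in for the Nsock-managed connection and the remote server.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Move whatever is readable on `from` to `to`; returns bytes relayed, -1 on error. */
static ssize_t pump(int from, int to)
{
    char buf[4096];
    ssize_t n = read(from, buf, sizeof buf);
    if (n <= 0)
        return n;
    for (ssize_t off = 0; off < n; ) {
        ssize_t w = write(to, buf + off, (size_t)(n - off));
        if (w < 0)
            return -1;
        off += w;
    }
    return n;
}

/*
 * lib[0]: fd given to the protocol library in place of a network socket
 * lib[1]: the end the host program owns and drains
 * net[0]: stand-in for the host's real transport (assumption: Nsock in Nmap)
 * net[1]: stand-in for the remote server
 * Sends `req` from the library side, answers with `resp` from the server side,
 * and copies what the library reads back into `out`. Returns that length or -1.
 */
ssize_t relay_roundtrip(const char *req, const char *resp, char *out, size_t outlen)
{
    int lib[2], net[2];
    char seen[4096];
    ssize_t got = -1, rl = (ssize_t)strlen(req), pl = (ssize_t)strlen(resp);

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, lib) < 0)
        return -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, net) < 0) {
        close(lib[0]); close(lib[1]);
        return -1;
    }
    /* outbound: library -> host relay -> transport -> server */
    if (write(lib[0], req, (size_t)rl) == rl && pump(lib[1], net[0]) == rl &&
        read(net[1], seen, sizeof seen) == rl && memcmp(seen, req, (size_t)rl) == 0 &&
        /* inbound: server -> transport -> host relay -> library */
        write(net[1], resp, (size_t)pl) == pl && pump(net[0], lib[1]) == pl)
        got = read(lib[0], out, outlen);

    close(lib[0]); close(lib[1]); close(net[0]); close(net[1]);
    return got;
}
```

The sketch uses short, non-empty messages and blocking reads; an event-driven host would register `lib[1]` with its own poll loop instead of calling `pump` inline.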