mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-12-22 09:05:10 +01:00
Add initial code for Diffie-Hellman key exchange.
This commit is contained in:
parent
926b78889e
commit
5af8859d6b
45
ssh-audit.py
45
ssh-audit.py
@ -24,7 +24,7 @@
|
||||
THE SOFTWARE.
|
||||
"""
|
||||
from __future__ import print_function
|
||||
import os, io, sys, socket, struct
|
||||
import os, io, sys, socket, struct, random
|
||||
|
||||
SSH_BANNER = 'SSH-2.0-OpenSSH_7.2'
|
||||
|
||||
@ -226,7 +226,7 @@ class SSH(object):
|
||||
if padding < 4:
|
||||
padding += 8
|
||||
plen = len(payload) + padding + 1
|
||||
pad_bytes = '\x00' * padding
|
||||
pad_bytes = b'\x00' * padding
|
||||
data = struct.pack('>Ib', plen, padding) + payload + pad_bytes
|
||||
self.send(data)
|
||||
|
||||
@ -243,6 +243,47 @@ class SSH(object):
|
||||
except:
|
||||
pass
|
||||
|
||||
class KexDH(object):
|
||||
def __init__(self, alg, g, p):
|
||||
self.__alg = alg
|
||||
self.__g = g
|
||||
self.__p = p
|
||||
self.__q = (self.__p - 1) // 2
|
||||
self.__x = None
|
||||
|
||||
def send_init(self, s):
|
||||
r = random.SystemRandom()
|
||||
self.__x = r.randrange(2, self.__q)
|
||||
self.__e = pow(self.__g, self.__x, self.__p)
|
||||
s.write_byte(SSH.MSG_KEXDH_INIT)
|
||||
s.write_mpint(self.__e)
|
||||
s.send_packet()
|
||||
|
||||
class KexGroup1(KexDH):
|
||||
def __init__(self):
|
||||
# rfc2409: second oakley group
|
||||
p = int('ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67'
|
||||
'cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6d'
|
||||
'f25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff'
|
||||
'5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece65381'
|
||||
'ffffffffffffffff', 16)
|
||||
super(KexGroup1, self).__init__('sha1', 2, p)
|
||||
|
||||
class KexGroup14(KexDH):
|
||||
def __init__(self):
|
||||
# rfc3526: 2048-bit modp group
|
||||
p = int('ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67'
|
||||
'cc74020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6d'
|
||||
'f25f14374fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff'
|
||||
'5cb6f406b7edee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3d'
|
||||
'c2007cb8a163bf0598da48361c55d39a69163fa8fd24cf5f83655d23dca3'
|
||||
'ad961c62f356208552bb9ed529077096966d670c354e4abc9804f1746c08'
|
||||
'ca18217c32905e462e36ce3be39e772c180e86039b2783a2ec07a28fb5c5'
|
||||
'5df06f4c52c9de2bcbf6955817183995497cea956ae515d2261898fa0510'
|
||||
'15728e5a8aacaa68ffffffffffffffff', 16)
|
||||
super(KexGroup14, self).__init__('sha1', 2, p)
|
||||
|
||||
|
||||
def get_ssh_ver(versions):
|
||||
tv = []
|
||||
for v in versions.split(','):
|
||||
|
Loading…
Reference in New Issue
Block a user