OpenVAS Libraries
8.0.3
Implementation of an API for SSH functions.
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/types.h>
#include <stdlib.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#include <glib.h>
#include <glib/gstdio.h>
#include <gcrypt.h>
#include "nasl_tree.h"
#include "nasl_global_ctxt.h"
#include "nasl_func.h"
#include "nasl_var.h"
#include "nasl_lex_ctxt.h"
#include "exec.h"
#include "plugutils.h"
#include "kb.h"
#include "nasl_debug.h"
#include "network.h"
#include "../misc/openvas_logging.h"
#include "../misc/prefs.h"
#include "nasl_ssh.h"
Data Structures | |
struct | session_table_item_s |
struct | my_ssh_key_s |
Macros | |
#define | DIM(v) (sizeof(v)/sizeof((v)[0])) |
#define | DIMof(type, member) DIM(((type *)0)->member) |
#define | MAX_SSH_SESSIONS 10 |
Typedefs | |
typedef struct my_ssh_key_s * | my_ssh_key |
Functions | |
tree_cell * | nasl_ssh_connect (lex_ctxt *lexic) |
Connect to the target host via TCP and set up an ssh connection. |
tree_cell * | nasl_ssh_disconnect (lex_ctxt *lexic) |
Disconnect an ssh connection. |
tree_cell * | nasl_ssh_session_id_from_sock (lex_ctxt *lexic) |
Given a socket, return the corresponding session id. |
tree_cell * | nasl_ssh_get_sock (lex_ctxt *lexic) |
Given a session id, return the corresponding socket. |
tree_cell * | nasl_ssh_set_login (lex_ctxt *lexic) |
Set the login name for the authentication. |
tree_cell * | nasl_ssh_userauth (lex_ctxt *lexic) |
Authenticate a user on an ssh connection. |
tree_cell * | nasl_ssh_request_exec (lex_ctxt *lexic) |
Run a command via ssh. |
tree_cell * | nasl_ssh_get_issue_banner (lex_ctxt *lexic) |
Get the issue banner. |
tree_cell * | nasl_ssh_get_server_banner (lex_ctxt *lexic) |
Get the server banner. |
tree_cell * | nasl_ssh_get_auth_methods (lex_ctxt *lexic) |
Get the list of authmethods. |
tree_cell * | nasl_ssh_shell_open (lex_ctxt *lexic) |
Request an ssh shell. |
tree_cell * | nasl_ssh_shell_read (lex_ctxt *lexic) |
Read the output of an ssh shell. |
tree_cell * | nasl_ssh_shell_write (lex_ctxt *lexic) |
Write string to ssh shell. |
Implementation of an API for SSH functions.
This file contains the implementation of the Secure Shell related NASL builtin functions. They are only available if built with libssh support.
#define DIM(v) (sizeof(v)/sizeof((v)[0]))
#define DIMof(type, member) DIM(((type *)0)->member)
#define MAX_SSH_SESSIONS 10
typedef struct my_ssh_key_s* my_ssh_key
Connect to the target host via TCP and set up an ssh connection.
If the named argument "socket" is given, that socket will be used instead of creating a new TCP connection. If socket is not given or 0, the port is looked up in the preferences and the KB unless overridden by the named parameter "port".
On success an ssh session to the host has been established; the caller may then run an authentication function. If the connection is no longer needed, ssh_disconnect may be used to disconnect and close the socket.
[in] | lexic | Lexical context of NASL interpreter. |
Disconnect an ssh connection.
This function takes the ssh session id (as returned by ssh_connect) as its only unnamed argument. Passing 0 as session id is explicitly allowed and does nothing. If there are any open channels they are closed as well and their ids will be marked as invalid.
[in] | lexic | Lexical context of NASL interpreter. |
Get the list of authmethods.
The function returns a string with comma-separated authentication methods. This is basically the same list as returned by the SSH_MSG_USERAUTH_FAILURE protocol element; however, it has been screened and put into a definitive order.
[in] | lexic | Lexical context of NASL interpreter. |
Get the issue banner.
The function returns a string with the issue banner. This is usually displayed before authentication.
[in] | lexic | Lexical context of NASL interpreter. |
Get the server banner.
The function returns a string with the server banner. This is usually the first data sent by the server.
[in] | lexic | Lexical context of NASL interpreter. |
Given a session id, return the corresponding socket.
The socket is either a native file descriptor or a NASL connection socket (if an open socket was passed to ssh_connect). The NASL network code handles both of them.
[in] | lexic | Lexical context of NASL interpreter. |
Run a command via ssh.
The function opens a channel to the remote end and asks it to execute a command. The output of the command is then returned as a data block. The first unnamed argument is the session id. The command itself is expected as a string in the named argument "cmd".
Regarding the handling of the stderr and stdout streams, this function may be used in different modes.
If either of the named arguments "stdout" or "stderr" is given and that one is set to 1, only the output of the specified stream is returned.
If stdout and stderr are both given and set to 1, the output of both is returned interleaved. NOTE: The following feature has not yet been implemented: The output is guaranteed not to switch between stderr and stdout within a line.
If stdout and stderr are both given but set to 0, a special backward compatibility mode is used: First all output to stderr is collected up until any output to stdout is received. Then all output to stdout is returned while ignoring all further stderr output; at EOF the initial collected data from stderr is returned.
If the named parameters stdout and stderr are not given, the function acts exactly as if only stdout has been set to 1.
[in] | lexic | Lexical context of NASL interpreter. |
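The stream modes described above, modelled as an added C example (not code from nasl_ssh.c) so the ordering of the returned data block can be checked; `exec_output`, `struct chunk` and the sample output are hypothetical, and treating an argument that is missing beside a given one as 0 is an assumption. A check that parses command output should note that in the compatibility mode the early stderr text arrives after the stdout text.

```c
#include <stdio.h>
#include <string.h>

/* One chunk of command output in arrival order. */
struct chunk { int is_stderr; const char *data; };

/* Bounded append; dst is NUL-terminated and shorter than cap on entry. */
static void append(char *dst, size_t cap, const char *src)
{
  strncat(dst, src, cap - strlen(dst) - 1);
}

/* Model of the documented modes. to_stdout / to_stderr: -1 = named
 * argument not given, 0 or 1 = value given. Result is written to out. */
static const char *exec_output(const struct chunk *c, size_t n, int to_stdout,
                               int to_stderr, char *out, size_t cap)
{
  char early_err[128] = "";  /* compat mode: stderr seen before any stdout */
  int compat = 0, seen_stdout = 0;

  if (to_stdout == -1 && to_stderr == -1)
    to_stdout = 1;                      /* neither given: stdout only */
  else if (to_stdout == 0 && to_stderr == 0)
    compat = to_stdout = 1;             /* both given as 0: compat mode */
  if (to_stdout < 0) to_stdout = 0;     /* assumption: an argument missing */
  if (to_stderr < 0) to_stderr = 0;     /* beside a given one counts as 0 */
  out[0] = '\0';
  for (size_t i = 0; i < n; i++) {
    if (!c[i].is_stderr) {
      seen_stdout = 1;
      if (to_stdout) append(out, cap, c[i].data);
    } else if (compat) {
      if (!seen_stdout) append(early_err, sizeof early_err, c[i].data);
    } else if (to_stderr) {
      append(out, cap, c[i].data);
    }
  }
  if (compat) append(out, cap, early_err);  /* held back until EOF */
  return out;
}

/* Constructed sample: the command warns, prints, then warns again. */
static const struct chunk SAMPLE[] = {
  {1, "warn: no tty\n"}, {0, "uid=0(root)\n"}, {1, "warn: late\n"} };

int main(void)
{
  char buf[256];
  fputs(exec_output(SAMPLE, 3, 0, 0, buf, sizeof buf), stdout);
  return 0;
}
```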
Given a socket, return the corresponding session id.
[in] | lexic | Lexical context of NASL interpreter. |
Set the login name for the authentication.
This is an optional function and usually not required. However, if you want to get the banner before starting the authentication, you need to tell libssh the user because it is often not possible to change the user after the first call to an authentication method - getting the banner uses an authentication function.
The named argument "login" is used for the login name; it defaults to the KB entry "Secret/SSH/login". It should contain the user name to log in with. Given that many servers don't allow changing the login for an established connection, the "login" parameter is silently ignored on all further calls.
[in] | lexic | Lexical context of NASL interpreter. |
Request an ssh shell.
[in] | lexic | Lexical context of NASL interpreter. |
Read the output of an ssh shell.
[in] | lexic | Lexical context of NASL interpreter. |
Write string to ssh shell.
[in] | lexic | Lexical context of NASL interpreter. |
Authenticate a user on an ssh connection.
The function expects the session id as its first unnamed argument. The first time this function is called for a session id, the named argument "login" is also expected; it defaults to the KB entry "Secret/SSH/login". It should contain the user name to log in with. Given that many servers don't allow changing the login for an established connection, the "login" parameter is silently ignored on all further calls.
To perform a password based authentication, the named argument "password" must contain a password.
To perform a public key based authentication, the named argument "privatekey" must contain a base64 encoded private key in ssh native or in PKCS#8 format.
If both "password" and "privatekey" are given as named arguments, only "password" is used. If neither is given, the values are taken from the KB ("Secret/SSH/password" and "Secret/SSH/privatekey") and tried in the order {password, privatekey}. Note well that if one of the named arguments is given, only the given ones are used and the KB is not consulted.
If the private key is protected, its passphrase is taken from the named argument "passphrase" or, if not given, taken from the KB ("Secret/SSH/passphrase").
Note that the named argument "publickey" and the KB item ("Secret/SSH/publickey") are ignored - they are no longer required because they can be derived from the private key.
[in] | lexic | Lexical context of NASL interpreter. |
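The credential selection rules above, modelled as an added C example (not code from nasl_ssh.c) that returns the attempts in the order they would be tried; `plan_userauth`, the two structs and all credential strings are hypothetical placeholders. Applying the KB passphrase fallback to a named private key is this example's reading of the text.

```c
#include <stdio.h>
#include <string.h>

/* Credentials from one source; NULL = argument not given / no KB entry. */
struct creds { const char *password, *privatekey, *passphrase; };
/* One authentication attempt, in the order it is tried. */
struct attempt { const char *method, *secret, *passphrase; };

/* Model of the documented rules. args = named arguments of the call,
 * kb = the Secret/SSH/... entries. Fills out[] and returns the count. */
static size_t plan_userauth(const struct creds *args, const struct creds *kb,
                            struct attempt out[2])
{
  const char *pw, *key, *phrase;
  size_t n = 0;

  if (args->password || args->privatekey) {
    /* A named credential is given: the KB is not consulted, and a
     * named password is used instead of a named private key. */
    pw = args->password;
    key = args->password ? NULL : args->privatekey;
  } else {
    pw = kb->password;        /* tried first */
    key = kb->privatekey;     /* tried second */
  }
  /* Reading of the page: the passphrase comes from the named argument,
   * else from the KB, whichever source supplied the key. */
  phrase = args->passphrase ? args->passphrase : kb->passphrase;

  if (pw)
    out[n++] = (struct attempt){ "password", pw, NULL };
  if (key)
    out[n++] = (struct attempt){ "privatekey", key, phrase };
  return n;
}

/* Constructed placeholder values standing in for the KB entries. */
static const struct creds KB = { "kb-password", "kb-key-base64", "kb-phrase" };

int main(void)
{
  struct creds args = { NULL, "arg-key-base64", NULL };  /* key only */
  struct attempt a[2];
  size_t n = plan_userauth(&args, &KB, a);
  for (size_t i = 0; i < n; i++)
    printf("%s passphrase=%s\n", a[i].method,
           a[i].passphrase ? a[i].passphrase : "-");
  return 0;
}
```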