Merge pull request #412 from Seanstoppable/implementhassh

Add HaSSH to ssh output
zmap · Apr 22, 2024 · 0bf098e · 0bf098e
2 parents d60b555 + e012d58
commit 0bf098e
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 0 deletions.
diff --git a/lib/ssh/messages.go b/lib/ssh/messages.go
@@ -6,7 +6,9 @@ package ssh
 
 import (
 	"bytes"
+	"crypto/md5"
 	"encoding/binary"
+	"encoding/hex"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -84,6 +86,7 @@ type JsonKexInitMsg struct {
 	LanguagesServerClient   []string `json:"server_to_client_languages,omitempty"`
 	FirstKexFollows         bool     `json:"first_kex_follows"`
 	Reserved                uint32   `json:"reserved"`
+	ServerHaSSH             string   `json:"serverHaSSH"`
 }
 
 func (kex *KexInitMsg) MarshalJSON() ([]byte, error) {
@@ -101,10 +104,23 @@ func (kex *KexInitMsg) MarshalJSON() ([]byte, error) {
 		LanguagesServerClient:   kex.LanguagesServerClient,
 		FirstKexFollows:         kex.FirstKexFollows,
 		Reserved:                kex.Reserved,
+		ServerHaSSH:             kex.GenerateServerHaSSH(),
 	}
 	return json.Marshal(temp)
 }
 
+func (kex *KexInitMsg) GenerateServerHaSSH() string {
+  input := strings.Join(
+    []string {
+      strings.Join(kex.KexAlgos, ","),
+      strings.Join(kex.CiphersServerClient, ","),
+      strings.Join(kex.MACsServerClient, ","),
+      strings.Join(kex.CompressionServerClient, ","),
+    }, ";")
+  md5 := md5.Sum([]byte(input))
+  return hex.EncodeToString(md5[:])
+}
+
 // See RFC 4253, section 8.
 
 // Diffie-Helman

diff --git a/lib/ssh/messages_test.go b/lib/ssh/messages_test.go
@@ -206,6 +206,28 @@ func TestMarshalMultiTag(t *testing.T) {
 	}
 }
 
+funcTestHaSSH(t *testing.T) {
+	ki := &KexInitMsg{}
+	randomBytes(ki.Cookie[:]"," rand)
+	ki.KexAlgos = []string {"[email protected]","diffie-hellman-group-exchange-sha256","ecdh-sha2-nistp521","ecdh-sha2-nistp384","ecdh-sha2-nistp256","diffie-hellman-group-exchange-sha1","diffie-hellman-group1-sha1","diffie-hellman-group14-sha1","diffie-hellman-group14-sha256","diffie-hellman-group15-sha512","diffie-hellman-group16-sha512","diffie-hellman-group17-sha512","diffie-hellman-group18-sha512","[email protected]","diffie-hellman-group15-sha256","[email protected]","[email protected]","diffie-hellman-group16-sha256","[email protected]","[email protected]","[email protected]")
+	ki.ServerHostKeyAlgos = randomNameList(rand)
+	ki.CiphersClientServer = randomNameList(rand)
+	ki.CiphersServerClient = []string {"aes128-cbc","aes128-ctr","aes192-cbc","aes192-ctr","aes256-cbc","aes256-ctr","blowfish-cbc","blowfish-ctr","cast128-cbc","cast128-ctr","idea-cbc","idea-ctr","serpent128-cbc","serpent128-ctr","serpent192-cbc","serpent192-ctr","serpent256-cbc","serpent256-ctr","3des-cbc","3des-ctr","twofish128-cbc","twofish128-ctr","twofish192-cbc","twofish192-ctr","twofish256-cbc","twofish256-ctr","twofish-cbc","arcfour","arcfour128","arcfour256"}
+	ki.MACsClientServer = randomNameList(rand)
+	ki.MACsServerClient = []string {"hmac-sha1","hmac-sha1-96","hmac-md5","hmac-md5-96","hmac-sha2-256","hmac-sha2-512"}
+	ki.CompressionClientServer = randomNameList(rand)
+	ki.CompressionServerClient = []string {"[email protected]","zlib","none"}
+	ki.LanguagesClientServer = randomNameList(rand)
+	ki.LanguagesServerClient = randomNameList(rand)
+	ki.FirstKexFollows = true
+
+	hassh := ki.GenerateHaSSH()
+	expected := "8a8ae540028bf433cd68356c1b9e8d5b"
+	if hassh != expected {
+	  t.Errorf("Unexpected hash. Wanted %s, got %s", expected, hassh)
+	}
+}
+
 func randomBytes(out []byte, rand *rand.Rand) {
 	for i := 0; i < len(out); i++ {
 		out[i] = byte(rand.Int31())