OXIESEC PANEL
- Current Dir:
/
/
usr
/
share
/
nmap
/
nselib
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
afp.lua
71.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ajp.lua
16.69 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
amqp.lua
10.5 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
anyconnect.lua
4.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
asn1.lua
14.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base32.lua
7.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
base64.lua
5.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bin.lua
12.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bit.lua
2.43 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bitcoin.lua
16.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bits.lua
1.82 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bittorrent.lua
40.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
bjnp.lua
9.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
brute.lua
50.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cassandra.lua
5.78 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
citrixxml.lua
16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
coap.lua
76.24 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
comm.lua
10.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
creds.lua
18.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
cvs.lua
3.13 KB
04/16/2018 01:11:39 AM
rw-r--r--
📁
data
-
08/07/2020 12:36:00 PM
rwxr-xr-x
📄
datafiles.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
datetime.lua
1.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp.lua
29.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dhcp6.lua
19.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dns.lua
51.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnsbl.lua
19.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
dnssd.lua
12.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
drda.lua
24.2 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eap.lua
7.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
eigrp.lua
14.47 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
formulas.lua
5.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ftp.lua
9.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
geoip.lua
1.71 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
giop.lua
18.44 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
gps.lua
3.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
http.lua
105.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
httpspider.lua
36.15 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
iax2.lua
9.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ike.lua
15.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
imap.lua
9.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
informix.lua
39.76 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipOps.lua
26.92 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipmi.lua
10.02 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ipp.lua
12.54 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
irc.lua
757 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
iscsi.lua
21.45 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
isns.lua
15.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
jdwp.lua
43.57 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
json.lua
11.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ldap.lua
31.86 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lfs.luadoc
1.68 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2-utility.lua
4.39 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
libssh2.luadoc
4.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
listop.lua
4.66 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg-utility.lua
5.64 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
lpeg.luadoc
351 bytes
04/16/2018 01:11:39 AM
rw-r--r--
📄
ls.lua
10.96 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
match.lua
2.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
membase.lua
9.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mobileme.lua
8.46 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mongodb.lua
21.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mqtt.lua
28.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpc.lua
179.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpcperformance.lua
29.72 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
msrpctypes.lua
167.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mssql.lua
110.87 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
multicast.lua
6.1 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
mysql.lua
17.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
natpmp.lua
5.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ncp.lua
36 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ndmp.lua
11.58 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
netbios.lua
13.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nmap.luadoc
40.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nrpc.lua
4.42 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
nsedebug.lua
3.49 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
omp2.lua
4.77 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
openssl.luadoc
7.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ospf.lua
15.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
packet.lua
36.65 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pcre.luadoc
6.79 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pgsql.lua
20.61 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pop3.lua
5.7 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
pppoe.lua
29.95 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
proxy.lua
12.04 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rdp.lua
11.05 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
re.lua
8.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
redis.lua
3.59 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rmi.lua
47.89 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpc.lua
106.22 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rpcap.lua
11.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rsync.lua
5.19 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
rtsp.lua
8.67 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sasl.lua
16.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
shortport.lua
8.01 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sip.lua
30.56 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
slaxml.lua
17.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb.lua
175.85 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smb2.lua
16.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smbauth.lua
37.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
smtp.lua
19.81 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
snmp.lua
15.99 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
socks.lua
8.26 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
srvloc.lua
12.25 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh1.lua
8.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
ssh2.lua
11.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslcert.lua
33.34 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
sslv2.lua
9.63 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stdnse.lua
45.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strbuf.lua
4.52 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
strict.lua
2.53 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
stun.lua
11.51 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tab.lua
3.35 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
target.lua
3.93 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tftp.lua
9.38 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tls.lua
56.16 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tn3270.lua
43.75 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
tns.lua
64.17 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unicode.lua
14.32 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unittest.lua
12.33 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
unpwdb.lua
10.08 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
upnp.lua
11.18 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
url.lua
12.09 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
versant.lua
8.6 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vnc.lua
23.3 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vulns.lua
76.29 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
vuzedht.lua
16.62 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
wsdd.lua
12.03 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xdmcp.lua
11.9 KB
04/16/2018 01:11:39 AM
rw-r--r--
📄
xmpp.lua
15.88 KB
04/16/2018 01:11:39 AM
rw-r--r--
Editing: ssh1.lua
Close
--- -- Functions for the SSH-1 protocol. This module also contains functions for -- formatting key fingerprints. -- -- @author Sven Klemm <sven@c3d2.de> -- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html local bin = require "bin" local bit = require "bit" local io = require "io" local math = require "math" local nmap = require "nmap" local os = require "os" local stdnse = require "stdnse" local string = require "string" local table = require "table" local openssl = stdnse.silent_require "openssl" _ENV = stdnse.module("ssh1", stdnse.seeall) --- Retrieve the size of the packet that is being received -- and checks if it is fully received -- -- This function is very similar to the function generated -- with match.numbytes(num) function, except that this one -- will check for the number of bytes on-the-fly, based on -- the written on the SSH packet. -- -- @param buffer The receive buffer -- @return packet_length, packet_length or nil -- the return is similar to the lua function string:find() check_packet_length = function( buffer ) if #buffer < 4 then return nil end local payload_length, packet_length, offset offset, payload_length = bin.unpack( ">I", buffer ) local padding = 8 - payload_length % 8 assert(payload_length) local total = 4+payload_length+padding; if total > #buffer then return nil end return total, total; end --- Receives a complete SSH packet, even if fragmented -- -- This function is an abstraction layer to deal with -- checking the packet size to know if there is any more -- data to receive. -- -- @param socket The socket used to receive the data -- @return status True or false -- @return packet The packet received receive_ssh_packet = function( socket ) local status, packet = socket:receive_buf(check_packet_length, true) return status, packet end --- Fetch an SSH-1 host key. -- @param host Nmap host table. -- @param port Nmap port table. -- @return A table with the following fields: <code>exp</code>, -- <code>mod</code>, <code>bits</code>, <code>key_type</code>, -- <code>fp_input</code>, <code>full_key</code>, <code>algorithm</code>, and -- <code>fingerprint</code>. fetch_host_key = function(host, port) local socket = nmap.new_socket() local status, _ status = socket:connect(host, port) if not status then return end -- fetch banner status = socket:receive_lines(1) if not status then socket:close(); return end -- send our banner status = socket:send("SSH-1.5-Nmap-SSH1-Hostkey\r\n") if not status then socket:close(); return end local data, packet_length, padding, offset status,data = receive_ssh_packet( socket ) socket:close() if not status then return end offset, packet_length = bin.unpack( ">i", data ) padding = 8 - packet_length % 8 offset = offset + padding if padding + packet_length + 4 == #data then -- seems to be a proper SSH1 packet local msg_code,host_key_bits,exp,mod,length,fp_input offset, msg_code = bin.unpack( ">c", data, offset ) if msg_code == 2 then -- 2 => SSH_SMSG_PUBLIC_KEY -- ignore cookie and server key bits offset, _, _ = bin.unpack( ">A8i", data, offset ) -- skip server key exponent and modulus offset, length = bin.unpack( ">S", data, offset ) offset = offset + math.ceil( length / 8 ) offset, length = bin.unpack( ">S", data, offset ) offset = offset + math.ceil( length / 8 ) offset, host_key_bits = bin.unpack( ">i", data, offset ) offset, length = bin.unpack( ">S", data, offset ) offset, exp = bin.unpack( ">A" .. math.ceil( length / 8 ), data, offset ) exp = openssl.bignum_bin2bn( exp ) offset, length = bin.unpack( ">S", data, offset ) offset, mod = bin.unpack( ">A" .. math.ceil( length / 8 ), data, offset ) mod = openssl.bignum_bin2bn( mod ) fp_input = mod:tobin()..exp:tobin() return {exp=exp,mod=mod,bits=host_key_bits,key_type='rsa1',fp_input=fp_input, full_key=('%d %s %s'):format(host_key_bits, exp:todec(), mod:todec()), key=('%s %s'):format(exp:todec(), mod:todec()), algorithm="RSA1", fingerprint=openssl.md5(fp_input)} end end end --- Format a key fingerprint in hexadecimal. -- @param fingerprint Key fingerprint. -- @param algorithm Key algorithm. -- @param bits Key size in bits. fingerprint_hex = function( fingerprint, algorithm, bits ) fingerprint = stdnse.tohex(fingerprint,{separator=":",group=2}) return ("%d %s (%s)"):format( bits, fingerprint, algorithm ) end --- Format a key fingerprint in Bubble Babble. -- @param fingerprint Key fingerprint. -- @param algorithm Key algorithm. -- @param bits Key size in bits. fingerprint_bubblebabble = function( fingerprint, algorithm, bits ) local vowels = {'a','e','i','o','u','y'} local consonants = {'b','c','d','f','g','h','k','l','m','n','p','r','s','t','v','z','x'} local s = "x" local seed = 1 for i=1,#fingerprint+2,2 do local in1,in2,idx1,idx2,idx3,idx4,idx5 if i < #fingerprint or #fingerprint / 2 % 2 ~= 0 then in1 = fingerprint:byte(i) idx1 = (bit.band(bit.rshift(in1,6),3) + seed) % 6 + 1 idx2 = bit.band(bit.rshift(in1,2),15) + 1 idx3 = (bit.band(in1,3) + math.floor(seed/6)) % 6 + 1 s = s .. vowels[idx1] .. consonants[idx2] .. vowels[idx3] if i < #fingerprint then in2 = fingerprint:byte(i+1) idx4 = bit.band(bit.rshift(in2,4),15) + 1 idx5 = bit.band(in2,15) + 1 s = s .. consonants[idx4] .. '-' .. consonants[idx5] seed = (seed * 5 + in1 * 7 + in2) % 36 end else idx1 = seed % 6 + 1 idx2 = 16 + 1 idx3 = math.floor(seed/6) + 1 s = s .. vowels[idx1] .. consonants[idx2] .. vowels[idx3] end end s = s .. 'x' return ("%d %s (%s)"):format( bits, s, algorithm ) end --- Format a key fingerprint into a visual ASCII art representation. -- -- Ported from http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.bin/ssh/key.c. -- @param fingerprint Key fingerprint. -- @param algorithm Key algorithm. -- @param bits Key size in bits. fingerprint_visual = function( fingerprint, algorithm, bits ) local i,j,field,characters,input,fieldsize_x,fieldsize_y,s fieldsize_x, fieldsize_y = 17, 9 characters = {' ','.','o','+','=','*','B','O','X','@','%','&','#','/','^','S','E'} -- initialize drawing area field = {} for i=1,fieldsize_x do field[i]={} for j=1,fieldsize_y do field[i][j]=1 end end -- we start in the center and mark it local x, y = math.ceil(fieldsize_x/2), math.ceil(fieldsize_y/2) field[x][y] = #characters - 1; -- iterate over fingerprint for i=1,#fingerprint do input = fingerprint:byte(i) -- each byte conveys four 2-bit move commands for j=1,4 do if bit.band( input, 1) == 1 then x = x + 1 else x = x - 1 end if bit.band( input, 2) == 2 then y = y + 1 else y = y - 1 end x = math.max(x,1); x = math.min(x,fieldsize_x) y = math.max(y,1); y = math.min(y,fieldsize_y) if field[x][y] < #characters - 2 then field[x][y] = field[x][y] + 1 end input = bit.rshift( input, 2 ) end end -- mark end point field[x][y] = #characters; -- build output s = ('\n+--[%4s %4d]----+\n'):format( algorithm, bits ) for i=1,fieldsize_y do s = s .. '|' for j=1,fieldsize_x do s = s .. characters[ field[j][i] ] end s = s .. '|\n' end s = s .. '+-----------------+\n' return s end -- A lazy parsing function for known_hosts_file. -- The script checks for the known_hosts file in this order: -- -- (1) If known_hosts is specified in a script arg, use that. If turned -- off (false), then don't do any known_hosts checking. -- (2) Look at ~/.ssh/config to see if user known_hosts is in an -- alternate location*. Look for "UserKnownHostsFile". If -- UserKnownHostsFile is specified, open that known_hosts. -- (3) Otherwise, open ~/.ssh/known_hosts. parse_known_hosts_file = function(path) local common_paths = {} local f, knownhostspath if path and io.open(path) then knownhostspath = path end if not knownhostspath then for l in io.lines(os.getenv("HOME") .. "/.ssh/config") do if l and string.find(l, "UserKnownHostsFile") then knownhostspath = string.match(l, "UserKnownHostsFile%s(.*)") if string.sub(knownhostspath,1,1)=="~" then knownhostspath = os.getenv("HOME") .. string.sub(knownhostspath, 2) end end end end if not knownhostspath then knownhostspath = os.getenv("HOME") .."/.ssh/known_hosts" end if not knownhostspath then return end local known_host_entries = {} local lnumber = 0 for l in io.lines(knownhostspath) do lnumber = lnumber + 1 if l and string.sub(l, 1, 1) ~= "#" then local parts = stdnse.strsplit(" ", l) table.insert(known_host_entries, {entry=parts, linenumber=lnumber}) end end return known_host_entries end return _ENV;