Esempio n. 1
1
static ssh_session create_ssh_connection(const char* hostname, const unsigned int port, const char* username,
	const char* password, const char* sshkey_path, const char* sshkey_passphrase)
{
	ssh_session sshs;

	/* Open session and set options */
	sshs = ssh_new();
	if (sshs == NULL) {
		errmsg_print("Can't create ssh session");
		return NULL;
	}

	if (!hostname)
		return NULL;

	if (ssh_options_set(sshs, SSH_OPTIONS_HOST, hostname)) {
		errmsg_print("Can't set the hostname: %s\n", hostname);
		goto failure;
	}

	if (port != 0) {
		if (ssh_options_set(sshs, SSH_OPTIONS_PORT, &port)) {
			errmsg_print("Can't set the port: %d\n", port);
			goto failure;
		}
	}

	if (!username)
		username = g_get_user_name();

	if (ssh_options_set(sshs, SSH_OPTIONS_USER, username)) {
		errmsg_print("Can't set the username: %s\n", username);
		goto failure;
	}

	verbose_print("Opening ssh connection to %s@%s:%u\n", username, hostname, port);

	/* Connect to server */
	if (ssh_connect(sshs) != SSH_OK) {
		errmsg_print("Error connecting to %s@%s:%u (%s)\n", username, hostname, port,
			ssh_get_error(sshs));
		goto failure;
	}

#ifdef HAVE_LIBSSH_USERAUTH_AGENT
	verbose_print("Connecting using ssh-agent...");
	/* Try to authenticate using ssh agent */
	if (ssh_userauth_agent(sshs, NULL) == SSH_AUTH_SUCCESS) {
		verbose_print("done\n");
		return sshs;
	}
	verbose_print("failed\n");
#endif

	/* If a public key path has been provided, try to authenticate using it */
	if (sshkey_path) {
		ssh_key pkey = ssh_key_new();
		int ret;

		verbose_print("Connecting using public key in %s...", sshkey_path);
		ret = ssh_pki_import_privkey_file(sshkey_path, sshkey_passphrase, NULL, NULL, &pkey);

		if (ret == SSH_OK) {
			if (ssh_userauth_publickey(sshs, NULL, pkey) == SSH_AUTH_SUCCESS) {
				verbose_print("done\n");
				ssh_key_free(pkey);
				return sshs;
			}
		}
		ssh_key_free(pkey);
		verbose_print("failed (%s)\n", ssh_get_error(sshs));
	}

	/* Try to authenticate using standard public key */
	verbose_print("Connecting using standard public key...");
	if (ssh_userauth_publickey_auto(sshs, NULL, NULL) == SSH_AUTH_SUCCESS) {
		verbose_print("done\n");
		return sshs;
	}
	verbose_print("failed\n");

	/* If a password has been provided and all previous attempts failed, try to use it */
	if (password) {
		verbose_print("Connecting using password...");
		if (ssh_userauth_password(sshs, username, password) == SSH_AUTH_SUCCESS) {
			verbose_print("done\n");
			return sshs;
		}
		verbose_print("failed\n");
	}

	errmsg_print("Can't find a valid authentication. Disconnecting.\n");

	/* All authentication failed. Disconnect and return */
	ssh_disconnect(sshs);

failure:
	ssh_free(sshs);
	return NULL;
}
Esempio n. 2
0
void attach_parent_console()
{
    BOOL outRedirected, errRedirected;

    outRedirected = IsHandleRedirected(STD_OUTPUT_HANDLE);
    errRedirected = IsHandleRedirected(STD_ERROR_HANDLE);

    if (outRedirected && errRedirected) {
	/* Both standard output and error handles are redirected.
	 * There is no point in attaching to parent process console.
	 */
	return;
    }

    if (AttachConsole(ATTACH_PARENT_PROCESS) == 0) {
	/* Console attach failed. */
	return;
    }

    /* Console attach succeeded */
    if (outRedirected == FALSE) {
	if (!freopen("CONOUT$", "w", stdout)) {
	    errmsg_print("WARNING: Cannot redirect to stdout.");
	}
    }

    if (errRedirected == FALSE) {
	if (!freopen("CONOUT$", "w", stderr)) {
	    errmsg_print("WARNING: Cannot redirect to strerr.");
	}
    }
}
Esempio n. 3
0
static int wait_until_data(ssh_channel channel, const long unsigned count)
{
	long unsigned got = 0;
	char output[SSH_READ_BLOCK_SIZE];
	char* output_ptr;
	guint rounds = 100;

	while (got < count && rounds--) {
		if (ssh_channel_printf(channel, "show monitor capture buffer %s parameters\n", WIRESHARK_CAPTURE_BUFFER) == EXIT_FAILURE) {
			errmsg_print("Can't write to channel");
			return EXIT_FAILURE;
		}
		if (read_output_bytes(channel, SSH_READ_BLOCK_SIZE, output) == EXIT_FAILURE)
			return EXIT_FAILURE;

		output_ptr = g_strstr_len(output, strlen(output), "Packets");
		if (!output_ptr) {
			errmsg_print("Error in sscanf()");
			return EXIT_FAILURE;
		} else {
			sscanf(output_ptr, "Packets : %lu", &got);
		}
	}
	verbose_print("All packets got: dumping\n");
	return EXIT_SUCCESS;
}
Esempio n. 4
0
static int list_config(char *interface, unsigned int remote_port)
{
	unsigned inc = 0;
	char* ipfilter;

	if (!interface) {
		errmsg_print("ERROR: No interface specified.");
		return EXIT_FAILURE;
	}

	if (g_strcmp0(interface, SSH_EXTCAP_INTERFACE)) {
		errmsg_print("ERROR: interface must be %s", SSH_EXTCAP_INTERFACE);
		return EXIT_FAILURE;
	}

	ipfilter = local_interfaces_to_filter(remote_port);

	printf("arg {number=%u}{call=--remote-host}{display=Remote SSH server address}"
		"{type=string}{tooltip=The remote SSH host. It can be both "
		"an IP address or a hostname}{required=true}\n", inc++);
	printf("arg {number=%u}{call=--remote-port}{display=Remote SSH server port}"
		"{type=unsigned}{default=22}{tooltip=The remote SSH host port (1-65535)}"
		"{range=1,65535}\n", inc++);
	printf("arg {number=%u}{call=--remote-username}{display=Remote SSH server username}"
		"{type=string}{default=%s}{tooltip=The remote SSH username. If not provided, "
		"the current user will be used}\n", inc++, g_get_user_name());
	printf("arg {number=%u}{call=--remote-password}{display=Remote SSH server password}"
		"{type=password}{tooltip=The SSH password, used when other methods (SSH agent "
		"or key files) are unavailable.}\n", inc++);
	printf("arg {number=%u}{call=--sshkey}{display=Path to SSH private key}"
		"{type=fileselect}{tooltip=The path on the local filesystem of the private ssh key}\n",
		inc++);
	printf("arg {number=%u}{call=--sshkey-passphrase}{display=SSH key passphrase}"
		"{type=password}{tooltip=Passphrase to unlock the SSH private key}\n",
		inc++);
	printf("arg {number=%u}{call=--remote-interface}{display=Remote interface}"
		"{type=string}{default=eth0}{tooltip=The remote network interface used for capture"
		"}\n", inc++);
	printf("arg {number=%u}{call=--remote-capture-bin}{display=Remote capture binary}"
		"{type=string}{default=%s}{tooltip=The remote dumpcap binary used "
		"for capture.}\n", inc++, DEFAULT_CAPTURE_BIN);
	printf("arg {number=%u}{call=--remote-filter}{display=Remote capture filter}"
		"{type=string}{tooltip=The remote capture filter}", inc++);
	if (ipfilter)
		printf("{default=%s}", ipfilter);
	printf("\n");
	printf("arg {number=%u}{call=--remote-count}{display=Packets to capture}"
		"{type=unsigned}{default=0}{tooltip=The number of remote packets to capture. (Default: inf)}\n",
		inc++);

	g_free(ipfilter);

	return EXIT_SUCCESS;
}
Esempio n. 5
0
static int ssh_open_remote_connection(const char* hostname, const unsigned int port, const char* username, const char* password,
	const char* sshkey, const char* sshkey_passphrase, const char* iface, const char* cfilter, const char* capture_bin,
	const unsigned long int count, const char* fifo)
{
	ssh_session sshs = NULL;
	ssh_channel channel = NULL;
	int fd = STDOUT_FILENO;
	int ret = EXIT_FAILURE;
	char* err_info = NULL;

	if (g_strcmp0(fifo, "-")) {
		/* Open or create the output file */
		fd = ws_open(fifo, O_WRONLY, 0640);
		if (fd == -1) {
			fd = ws_open(fifo, O_WRONLY | O_CREAT, 0640);
			if (fd == -1) {
				errmsg_print("Error creating output file: %s", g_strerror(errno));
				return EXIT_FAILURE;
			}
		}
	}

	sshs = create_ssh_connection(hostname, port, username, password, sshkey, sshkey_passphrase, &err_info);

	if (!sshs) {
		errmsg_print("Error creating connection: %s", err_info);
		goto cleanup;
	}

	channel = run_ssh_command(sshs, capture_bin, iface, cfilter, count);
	if (!channel)
		goto cleanup;

	/* read from channel and write into fd */
	ssh_loop_read(channel, fd);

	ret = EXIT_SUCCESS;
cleanup:
	if (err_info)
		errmsg_print("%s", err_info);
	g_free(err_info);

	/* clean up and exit */
	ssh_cleanup(&sshs, &channel);

	if (g_strcmp0(fifo, "-"))
		ws_close(fd);
	return ret;
}
Esempio n. 6
0
static void ssh_loop_read(ssh_channel channel, int fd)
{
	int nbytes;
	char buffer[SSH_READ_BLOCK_SIZE];

	/* read from stdin until data are available */
	do {
		nbytes = ssh_channel_read(channel, buffer, SSH_READ_BLOCK_SIZE, 0);
		if (write(fd, buffer, nbytes) != nbytes) {
			errmsg_print("ERROR reading: %s\n", g_strerror(errno));
			return;
		}
	} while(nbytes > 0);

	/* read loop finished... maybe something wrong happened. Read from stderr */
	do {
		nbytes = ssh_channel_read(channel, buffer, SSH_READ_BLOCK_SIZE, 1);
		if (write(STDERR_FILENO, buffer, nbytes) != nbytes) {
			return;
		}
	} while(nbytes > 0);

	if (ssh_channel_send_eof(channel) != SSH_OK)
		return;
}
Esempio n. 7
0
uint8_t extcap_base_handle_interface(extcap_parameters * extcap)
{
    /* A fifo must be provided for capture */
    if (extcap->capture && (extcap->fifo == NULL || strlen(extcap->fifo) <= 0)) {
	extcap->capture = 0;
	errmsg_print("Extcap Error: No FIFO pipe provided");
	return 0;
    }

    if (extcap->do_list_interfaces) {
	return extcap_iface_listall(extcap, 1);
    } else if (extcap->do_version || extcap->do_list_dlts) {
	return extcap_iface_listall(extcap, 0);
    } else {
	/* An interface must exist */
	if (g_list_find_custom(extcap->interfaces, extcap->interface, extcap_iface_compare) == NULL) {
	    errmsg_print("Extcap Error: No interface [%s] provided", extcap->interface);
	    return 0;
	}
    }

    return 0;
}
Esempio n. 8
0
static int ssh_open_remote_connection(const char* hostname, const unsigned int port, const char* username, const char* password,
	const char* sshkey, const char* sshkey_passphrase, const char* iface, const char* cfilter, const char* capture_bin,
	const unsigned long int count, const char* fifo)
{
	ssh_session sshs;
	ssh_channel channel;
	int fd;

	if (!g_strcmp0(fifo, "-")) {
		/* use stdout */
		fd = STDOUT_FILENO;
	} else {
		/* Open or create the output file */
		fd = open(fifo, O_WRONLY);
		if (fd == -1) {
			fd = open(fifo, O_WRONLY | O_CREAT, 0640);
			if (fd == -1) {
				errmsg_print("Error creating output file: %s\n", g_strerror(errno));
				return EXIT_FAILURE;
			}
		}
	}

	sshs = create_ssh_connection(hostname, port, username, password, sshkey, sshkey_passphrase);

	if (!sshs)
		return EXIT_FAILURE;

	channel = run_ssh_command(sshs, capture_bin, iface, cfilter, count);
	if (!channel)
		return EXIT_FAILURE;

	/* read from channel and write into fd */
	ssh_loop_read(channel, fd);

	/* clean up and exit */
	ssh_cleanup(sshs, channel);

	return EXIT_SUCCESS;
}
Esempio n. 9
0
int main(int argc, char **argv)
{
	int result;
	int option_idx = 0;
	int do_list_interfaces = 0;
	int do_config = 0;
	int do_capture = 0;
	int i;
	char* interface = NULL;
	char* remote_host = NULL;
	unsigned int remote_port = 22;
	char* remote_username = NULL;
	char* remote_password = NULL;
	int do_dlts = 0;
	char* fifo = NULL;
	char* remote_interface = NULL;
	char* remote_capture_bin = NULL;
	char* extcap_filter = NULL;
	char* sshkey = NULL;
	char* sshkey_passphrase = NULL;
	char* remote_filter = NULL;
	unsigned long int count = 0;

#ifdef _WIN32
	WSADATA wsaData;

	attach_parent_console();
#endif  /* _WIN32 */

	opterr = 0;
	optind = 0;

	if (argc == 1) {
		help(argv[0]);
		return EXIT_FAILURE;
	}

	for (i = 0; i < argc; i++) {
		verbose_print("%s ", argv[i]);
	}
	verbose_print("\n");

	while ((result = getopt_long(argc, argv, ":", longopts, &option_idx)) != -1) {

		switch (result) {

		case OPT_HELP:
			help(argv[0]);
			return EXIT_SUCCESS;

		case OPT_VERBOSE:
			verbose = TRUE;
			break;

		case OPT_VERSION:
			printf("%u.%u.%u\n", SSHDUMP_VERSION_MAJOR, SSHDUMP_VERSION_MINOR, SSHDUMP_VERSION_RELEASE);
			return EXIT_SUCCESS;

		case OPT_LIST_INTERFACES:
			do_list_interfaces = 1;
			break;

		case OPT_LIST_DLTS:
			do_dlts = 1;
			break;

		case OPT_INTERFACE:
			if (interface)
				g_free(interface);
			interface = g_strdup(optarg);
			break;

		case OPT_CONFIG:
			do_config = 1;
			break;

		case OPT_CAPTURE:
			do_capture = 1;
			break;

		case OPT_FIFO:
			if (fifo)
				g_free(fifo);
			fifo = g_strdup(optarg);
			break;

		case OPT_REMOTE_HOST:
			if (remote_host)
				g_free(remote_host);
			remote_host = g_strdup(optarg);
			break;

		case OPT_REMOTE_PORT:
			remote_port = (unsigned int)strtoul(optarg, NULL, 10);
			if (remote_port > 65535 || remote_port == 0) {
				printf("Invalid port: %s\n", optarg);
				return EXIT_FAILURE;
			}
			break;

		case OPT_REMOTE_USERNAME:
			if (remote_username)
				g_free(remote_username);
			remote_username = g_strdup(optarg);
			break;

		case OPT_REMOTE_PASSWORD:
			if (remote_password)
				g_free(remote_password);
			remote_password = g_strdup(optarg);
			memset(optarg, 'X', strlen(optarg));
			break;

		case OPT_SSHKEY:
			if (sshkey)
				g_free(sshkey);
			sshkey = g_strdup(optarg);
			break;

		case OPT_SSHKEY_PASSPHRASE:
			if (sshkey_passphrase)
				g_free(sshkey_passphrase);
			sshkey_passphrase = g_strdup(optarg);
			memset(optarg, 'X', strlen(optarg));
			break;

		case OPT_REMOTE_INTERFACE:
			if (remote_interface)
				g_free(remote_interface);
			remote_interface = g_strdup(optarg);
			break;

		case OPT_REMOTE_CAPTURE_BIN:
			if (remote_capture_bin)
				g_free(remote_capture_bin);
			remote_capture_bin = g_strdup(optarg);
			break;

		case OPT_EXTCAP_FILTER:
			if (extcap_filter)
				g_free(extcap_filter);
			extcap_filter = g_strdup(optarg);
			break;

		case OPT_REMOTE_FILTER:
			if (remote_filter)
				g_free(remote_filter);
			remote_filter = g_strdup(optarg);
			break;

		case OPT_REMOTE_COUNT:
			count = strtoul(optarg, NULL, 10);
			break;

		case ':':
			/* missing option argument */
			printf("Option '%s' requires an argument\n", argv[optind - 1]);
			break;

		default:
			printf("Invalid option: %s\n", argv[optind - 1]);
			return EXIT_FAILURE;
		}
	}

	if (optind != argc) {
		printf("Unexpected extra option: %s\n", argv[optind]);
		return EXIT_FAILURE;
	}

	if (do_list_interfaces)
		return list_interfaces();

	if (do_config)
		return list_config(interface, remote_port);

	if (do_dlts)
		return list_dlts(interface);

#ifdef _WIN32
	result = WSAStartup(MAKEWORD(1,1), &wsaData);
	if (result != 0) {
		if (verbose)
			errmsg_print("ERROR: WSAStartup failed with error: %d\n", result);
		return 1;
	}
#endif  /* _WIN32 */

	if (do_capture) {
		char* filter;
		int ret = 0;
		if (!fifo) {
			errmsg_print("ERROR: No FIFO or file specified\n");
			return 1;
		}
		if (g_strcmp0(interface, SSH_EXTCAP_INTERFACE)) {
			errmsg_print("ERROR: invalid interface\n");
			return 1;
		}
		if (!remote_host) {
			errmsg_print("Missing parameter: --remote-host");
			return 1;
		}
		filter = concat_filters(extcap_filter, remote_filter);
		ret = ssh_open_remote_connection(remote_host, remote_port, remote_username,
			remote_password, sshkey, sshkey_passphrase, remote_interface,
			filter, remote_capture_bin, count, fifo);
		g_free(filter);
		return ret;
	}

	verbose_print("You should not come here... maybe some parameter missing?\n");
	return 1;
}
Esempio n. 10
0
int main(int argc, char **argv)
{
	int result;
	int option_idx = 0;
	int i;
	char* remote_host = NULL;
	unsigned int remote_port = 22;
	char* remote_username = NULL;
	char* remote_password = NULL;
	char* remote_interface = NULL;
	char* remote_capture_bin = NULL;
	char* sshkey = NULL;
	char* sshkey_passphrase = NULL;
	char* remote_filter = NULL;
	unsigned long int count = 0;
	int ret = EXIT_FAILURE;
	extcap_parameters * extcap_conf = g_new0(extcap_parameters, 1);

#ifdef _WIN32
	WSADATA wsaData;

	attach_parent_console();
#endif  /* _WIN32 */

	extcap_base_set_util_info(extcap_conf, SSHDUMP_VERSION_MAJOR, SSHDUMP_VERSION_MINOR, SSHDUMP_VERSION_RELEASE, NULL);
	extcap_base_register_interface(extcap_conf, SSH_EXTCAP_INTERFACE, "SSH remote capture", 147, "Remote capture dependent DLT");

	opterr = 0;
	optind = 0;

	if (argc == 1) {
		help(argv[0]);
		goto end;
	}

	for (i = 0; i < argc; i++) {
		verbose_print("%s ", argv[i]);
	}
	verbose_print("\n");

	while ((result = getopt_long(argc, argv, ":", longopts, &option_idx)) != -1) {

		switch (result) {

		case OPT_HELP:
			help(argv[0]);
			ret = EXIT_SUCCESS;
			goto end;

		case OPT_VERBOSE:
			verbose = TRUE;
			break;

		case OPT_VERSION:
			printf("%s.%s.%s\n", SSHDUMP_VERSION_MAJOR, SSHDUMP_VERSION_MINOR, SSHDUMP_VERSION_RELEASE);
			ret = EXIT_SUCCESS;
			goto end;

		case OPT_REMOTE_HOST:
			g_free(remote_host);
			remote_host = g_strdup(optarg);
			break;

		case OPT_REMOTE_PORT:
			remote_port = (unsigned int)strtoul(optarg, NULL, 10);
			if (remote_port > 65535 || remote_port == 0) {
				errmsg_print("Invalid port: %s", optarg);
				goto end;
			}
			break;

		case OPT_REMOTE_USERNAME:
			g_free(remote_username);
			remote_username = g_strdup(optarg);
			break;

		case OPT_REMOTE_PASSWORD:
			g_free(remote_password);
			remote_password = g_strdup(optarg);
			memset(optarg, 'X', strlen(optarg));
			break;

		case OPT_SSHKEY:
			g_free(sshkey);
			sshkey = g_strdup(optarg);
			break;

		case OPT_SSHKEY_PASSPHRASE:
			g_free(sshkey_passphrase);
			sshkey_passphrase = g_strdup(optarg);
			memset(optarg, 'X', strlen(optarg));
			break;

		case OPT_REMOTE_INTERFACE:
			g_free(remote_interface);
			remote_interface = g_strdup(optarg);
			break;

		case OPT_REMOTE_CAPTURE_BIN:
			g_free(remote_capture_bin);
			remote_capture_bin = g_strdup(optarg);
			break;

		case OPT_REMOTE_FILTER:
			g_free(remote_filter);
			remote_filter = g_strdup(optarg);
			break;

		case OPT_REMOTE_COUNT:
			count = strtoul(optarg, NULL, 10);
			break;

		case ':':
			/* missing option argument */
			errmsg_print("Option '%s' requires an argument", argv[optind - 1]);
			break;

		default:
			if (!extcap_base_parse_options(extcap_conf, result - EXTCAP_OPT_LIST_INTERFACES, optarg)) {
				errmsg_print("Invalid option: %s", argv[optind - 1]);
				goto end;
			}
		}
	}

	if (optind != argc) {
		errmsg_print("Unexpected extra option: %s", argv[optind]);
		goto end;
	}

	if (extcap_base_handle_interface(extcap_conf)) {
		ret = EXIT_SUCCESS;
		goto end;
	}

	if (extcap_conf->show_config) {
		ret = list_config(extcap_conf->interface, remote_port);
		goto end;
	}

#ifdef _WIN32
	result = WSAStartup(MAKEWORD(1,1), &wsaData);
	if (result != 0) {
		if (verbose)
			errmsg_print("ERROR: WSAStartup failed with error: %d", result);
		goto end;
	}
#endif  /* _WIN32 */

	if (extcap_conf->capture) {
		char* filter;

		if (!remote_host) {
			errmsg_print("Missing parameter: --remote-host");
			goto end;
		}
		filter = concat_filters(extcap_conf->capture_filter, remote_filter);
		ret = ssh_open_remote_connection(remote_host, remote_port, remote_username,
			remote_password, sshkey, sshkey_passphrase, remote_interface,
			filter, remote_capture_bin, count, extcap_conf->fifo);
		g_free(filter);
	} else {
		verbose_print("You should not come here... maybe some parameter missing?\n");
		ret = EXIT_FAILURE;
	}

end:
	/* clean up stuff */
	g_free(remote_host);
	g_free(remote_username);
	g_free(remote_password);
	g_free(remote_interface);
	g_free(remote_capture_bin);
	g_free(sshkey);
	g_free(sshkey_passphrase);
	g_free(remote_filter);
	extcap_base_cleanup(&extcap_conf);
	return ret;
}