ssh_session connect_ssh(const char *host, const char *user,int verbosity)
{
ssh_session session;
int auth=0;
session=ssh_new();
if(session==NULL) return(NULL);
if(user!=NULL)
{
if(ssh_options_set(session,SSH_OPTIONS_USER,user)<0)
{
ssh_free(session);
return NULL;
}
}
if(ssh_options_set(session,SSH_OPTIONS_HOST,host)<0)
{
ssh_free(session);
return(NULL);
}
ssh_options_set(session,SSH_OPTIONS_LOG_VERBOSITY,&verbosity);
if(ssh_connect(session))
{
prterr("Connection failed : %s\n",ssh_get_error(session));
ssh_disconnect(session);
ssh_free(session);
return(NULL);
}
if(verify_knownhost(session)<0)
{
ssh_disconnect(session);
ssh_free(session);
return(NULL);
}
auth=authenticate_console(session);
if(auth==SSH_AUTH_SUCCESS)
{
return(session);
} else if(auth==SSH_AUTH_DENIED)
{
prterr("Error: Authentication failed.");
} else {
prterr("Error while authenticating : %s\n",ssh_get_error(session));
}
ssh_disconnect(session);
ssh_free(session);
return(NULL);
}
int test()
{
ssh_session my_ssh_session;
int rc;
// Open session and set options
my_ssh_session = ssh_new();
if (my_ssh_session == NULL)
exit(-1);
ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
// Connect to server
rc = ssh_connect(my_ssh_session);
if (rc != SSH_OK)
{
fprintf(stderr, "Error connecting to localhost: %s\n",
ssh_get_error(my_ssh_session));
ssh_free(my_ssh_session);
exit(-1);
}
// Verify the server's identity
// For the source code of verify_knowhost(), check previous example
// if (verify_knownhost(my_ssh_session) < 0)
// {
// ssh_disconnect(my_ssh_session);
// ssh_free(my_ssh_session);
// exit(-1);
// }
// Authenticate ourselves
QString password("whcrosedu");
rc = ssh_userauth_password(my_ssh_session, NULL, password.toLatin1());
if (rc != SSH_AUTH_SUCCESS)
{
fprintf(stderr, "Error authenticating with password: %s\n",
ssh_get_error(my_ssh_session));
ssh_disconnect(my_ssh_session);
ssh_free(my_ssh_session);
exit(-1);
}
qDebug()<<"evrika";
show_remote_processes(my_ssh_session);
ssh_disconnect(my_ssh_session);
ssh_free(my_ssh_session);
}
static void torture_algorithms_zlib(void **state) {
ssh_session session = *state;
int rc;
rc = ssh_options_set(session,SSH_OPTIONS_HOST,"localhost");
assert_true(rc == SSH_OK);
rc = ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "zlib");
assert_true(rc == SSH_OK);
rc = ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "zlib");
assert_true(rc == SSH_OK);
rc = ssh_connect(session);
if (ssh_get_openssh_version(session)) {
assert_false(rc == SSH_OK);
} else {
assert_true(rc == SSH_OK);
rc = ssh_userauth_none(session, NULL);
if (rc != SSH_OK) {
rc = ssh_get_error_code(session);
assert_true(rc == SSH_REQUEST_DENIED);
}
}
ssh_disconnect(session);
}
int doCopy(int argc, char **argv){
struct location *dest, *src;
int i;
int r;
if(opts(argc,argv)<0)
return EXIT_FAILURE;
dest=parse_location(destination);
if(open_location(dest,WRITE)<0)
return EXIT_FAILURE;
for(i=0;i<nsources;++i){
src=parse_location(sources[i]);
if(open_location(src,READ)<0){
return EXIT_FAILURE;
}
if(do_copy(src,dest,0) < 0){
break;
}
}
if(dest->is_ssh){
r=ssh_scp_close(dest->scp);
if(r == SSH_ERROR){
fprintf(stderr,"Error closing scp: %s\n",ssh_get_error(dest->session));
ssh_scp_free(dest->scp);
dest->scp=NULL;
return -1;
}
} else {
fclose(dest->file);
dest->file=NULL;
}
ssh_disconnect(dest->session);
ssh_finalize();
return 0;
}
int connexion_disconnect(t_peer *peer)
{
if (ssh_is_connected(peer->connexion.session) == 1)
ssh_disconnect(peer->connexion.session);
peer->connexion.connexion_origin = NOT_CONNECTED;
return (0);
}
int main(int argc, char **argv)
{
ssh_session_t *session = NULL;
session = ssh_new();
ssh_callbacks_init(&cb);
ssh_set_callbacks(session,&cb);
if(ssh_options_getopt(session, &argc, argv))
{
fprintf(stderr, "error parsing command line :%s\n",
ssh_get_error(session));
usage();
}
opts(argc,argv);
signal(SIGTERM, do_exit);
client(session);
ssh_disconnect(session);
ssh_free(session);
ssh_finalize();
return 0;
}
static int auth_password( ssh_session session, const char *uname, const char *password, void *userdata )
{
#ifdef ENABLE_SSH
SSHSession *s = (SSHSession *)userdata;
DEBUG("Authenticating user %s pwd %s\n", uname, password );
struct UserLibrary *ulib = SLIB->LibraryUserGet( SLIB );
DEBUG("Gettings message login/pass\n");
if( uname != NULL && password != NULL )
{
s->sshs_Usr = ulib->UserGet( ulib, uname );
if( strcmp( password, s->sshs_Usr->u_Password ) == 0 )
{
s->sshs_Authenticated = 1;
DEBUG("Authenticated\n");
return SSH_AUTH_SUCCESS;
}
}
if( s->sshs_Tries >= 3 )
{
DEBUG("Too many authentication tries\n");
ssh_disconnect(session);
s->sshs_Error = 1;
return SSH_AUTH_DENIED;
}
s->sshs_Tries++;
#endif
return SSH_AUTH_DENIED;
}
static void test_algorithm(ssh_session session, const char *algo, const char *hmac) {
int rc;
rc = ssh_options_set(session, SSH_OPTIONS_CIPHERS_C_S, algo);
assert_int_equal(rc, SSH_OK);
rc = ssh_options_set(session, SSH_OPTIONS_CIPHERS_S_C, algo);
assert_int_equal(rc, SSH_OK);
rc = ssh_options_set(session, SSH_OPTIONS_HMAC_C_S, hmac);
assert_int_equal(rc, SSH_OK);
rc = ssh_options_set(session, SSH_OPTIONS_HMAC_S_C, hmac);
assert_int_equal(rc, SSH_OK);
rc = ssh_connect(session);
assert_int_equal(rc, SSH_OK);
rc = ssh_userauth_none(session, NULL);
if (rc != SSH_OK) {
rc = ssh_get_error_code(session);
assert_int_equal(rc, SSH_REQUEST_DENIED);
}
ssh_disconnect(session);
}
static void close_location(struct location *loc) {
int rc;
if (loc) {
if (loc->is_ssh) {
if (loc->scp) {
rc = ssh_scp_close(loc->scp);
if (rc == SSH_ERROR) {
fprintf(stderr,
"Error closing scp: %s\n",
ssh_get_error(loc->session));
}
ssh_scp_free(loc->scp);
loc->scp = NULL;
}
if (loc->session) {
ssh_disconnect(loc->session);
ssh_free(loc->session);
loc->session = NULL;
}
} else {
if (loc->file) {
fclose(loc->file);
loc->file = NULL;
}
}
}
}
int main(int argc, char **argv){
ssh_session session;
session = ssh_new();
if(ssh_options_getopt(session, &argc, argv)) {
fprintf(stderr, "error parsing command line :%s\n",
ssh_get_error(session));
usage();
}
opts(argc,argv);
#ifdef WITH_PCAP
set_pcap(session);
#endif
client(session);
ssh_disconnect(session);
ssh_free(session);
#ifdef WITH_PCAP
cleanup_pcap();
#endif
ssh_finalize();
return 0;
}
int ssh_login(const char *user, const char *passwd){
ssh_session ssh_id;
int ret = 0;
printf("[*] testing => %s:%s:%s\n", target, user, passwd);
ssh_id = ssh_new();
ssh_options_set(ssh_id, SSH_OPTIONS_HOST, target);
ssh_options_set(ssh_id, SSH_OPTIONS_USER, user);
if(ssh_connect(ssh_id) != SSH_OK){
goto end;
}
if(ssh_userauth_password(ssh_id, NULL, passwd) != SSH_AUTH_SUCCESS){
goto end;
}
printf("\n\n\tCracked --> [%s : %s]\n\n", user, passwd);
ret = 1;
end:
ssh_disconnect(ssh_id);
ssh_free(ssh_id);
return ret;
}
int main()
{
ssh_session my_ssh_session;
int rc;
int port = 22;
my_ssh_session = ssh_new();
if(my_ssh_session == NULL)
exit(-1);
ssh_options_set(my_ssh_session, SSH_OPTIONS_HOST, "localhost");
ssh_options_set(my_ssh_session, SSH_OPTIONS_PORT, &port);
ssh_options_set(my_ssh_session, SSH_OPTIONS_USER, "root");
rc = ssh_connect(my_ssh_session);
if(rc != SSH_OK)
{
fprintf(stderr, "Error connecting to localhost: %s\n", ssh_get_error(my_ssh_session));
exit(-1);
}
scp_write(my_ssh_session);
ssh_disconnect(my_ssh_session);
ssh_free(my_ssh_session);
}
int process_ssh_target(char * pcAddress, char * pcLogin, char * pcPasswd,char * pcDatafile)
{
ssh_session session;
if ( ( NULL == pcAddress) || ( NULL == pcLogin) || ( NULL == pcPasswd) || ( NULL == pcDatafile) )
{
printf("ERROR: Incorrect data; somewhere empty string.\n");//TODO
return -8;//TODO
}
session = ssh_new();
ssh_callbacks_init(&cb);
ssh_set_callbacks(session,&cb);
user_host_file(pcLogin, pcAddress, pcDatafile);
signal(SIGTERM, do_exit);
/* Create input pipe between two endpoints */
pipe(input_pipe);
#if defined(OUT_PIPE)
/* Create output pipe between two endpoints */
pipe(output_pipe);
#endif /* OUT_PIPE */
/* Launch Successor to push commands into tray */
iInput_Start("none", 25);
#if defined(OUT_PIPE)
// iOutput_Start("", 25);
#endif /* OUT_PIPE */
client_ssh(session, pcPasswd);
ssh_disconnect(session);
ssh_free(session);
ssh_finalize();
/* allocated in <assign_host_file> */
free (user);
/* allocated in <assign_host_file> */
free (host);
/* Free memory occupied by dynamically stored raw data */
DeleteCmds(&pCmdChain);
return 0;
}
void check_result(int r, ssh_session this_session)
{
if (r != SSH_OK) {
ssh_disconnect(this_session);
ssh_free(this_session);
caml_failwith(ssh_get_error(this_session));
}
}
void
Session::disconnect() {
if (ssh_is_connected(this->c_session)) {
ssh_disconnect(this->c_session);
} else {
throw std::runtime_error("Session not connected");
}
}
void SSH::disconnect()
{
if (_connected) {
_logger->debug("Disconnecting SSH");
ssh_disconnect(_ssh);
_connected = false;
}
}
/**
* Disconnect of the SSH server
* @return bool true if it's ok, false else
*/
bool Kssh::disconnect()
{
if (ssh_get_status(this->m_session) != SSH_CLOSED) {
ssh_disconnect(this->m_session);
}
return true;
}
static void torture_knownhosts_unknown(void **state)
{
struct torture_state *s = *state;
ssh_session session = s->ssh.session;
char known_hosts_file[1024] = {0};
enum ssh_known_hosts_e found;
int rc;
snprintf(known_hosts_file,
sizeof(known_hosts_file),
"%s/%s",
s->socket_dir,
TORTURE_KNOWN_HOSTS_FILE);
rc = ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, known_hosts_file);
assert_ssh_return_code(session, rc);
rc = ssh_options_set(session, SSH_OPTIONS_HOSTKEYS, "ssh-ed25519");
assert_ssh_return_code(session, rc);
rc = ssh_connect(session);
assert_ssh_return_code(session, rc);
found = ssh_session_is_known_server(session);
assert_int_equal(found, SSH_KNOWN_HOSTS_UNKNOWN);
rc = ssh_session_update_known_hosts(session);
assert_ssh_return_code(session, rc);
ssh_disconnect(session);
ssh_free(session);
/* connect again and check host key */
session = ssh_new();
assert_non_null(session);
s->ssh.session = session;
rc = ssh_options_set(s->ssh.session, SSH_OPTIONS_HOST, TORTURE_SSH_SERVER);
assert_ssh_return_code(s->ssh.session, rc);
rc = ssh_options_set(s->ssh.session,
SSH_OPTIONS_USER,
TORTURE_SSH_USER_ALICE);
assert_ssh_return_code(s->ssh.session, rc);
rc = ssh_options_set(session, SSH_OPTIONS_KNOWNHOSTS, known_hosts_file);
assert_ssh_return_code(session, rc);
rc = ssh_connect(session);
assert_ssh_return_code(session, rc);
/* ssh-rsa is the default but libssh should try ssh-ed25519 instead */
found = ssh_session_is_known_server(session);
assert_int_equal(found, SSH_KNOWN_HOSTS_OK);
/* session will be freed by session_teardown() */
}
SSH_SESSION *connect_host(const char *hostname){
SSH_SESSION *session;
SSH_OPTIONS *options;
int auth=0;
int state;
options=ssh_options_new();
ssh_options_set_host(options,hostname);
session=ssh_new();
ssh_set_options(session,options);
if(ssh_connect(session)){
fprintf(stderr,"Connection failed : %s\n",ssh_get_error(session));
ssh_disconnect(session);
return NULL;
}
state = ssh_session_is_known_server(session);
switch(state){
case SSH_SERVER_KNOWN_OK:
break; /* ok */
case SSH_SERVER_KNOWN_CHANGED:
fprintf(stderr,"Host key for server changed : server's one is now :\n");
fprintf(stderr,"For security reason, connection will be stopped\n");
ssh_disconnect(session);
ssh_finalize();
return NULL;
case SSH_SERVER_FOUND_OTHER:
fprintf(stderr,"The host key for this server was not found but an other type of key exists.\n");
fprintf(stderr,"An attacker might change the default server key to confuse your client"
"into thinking the key does not exist\n"
"We advise you to rerun the client with -d or -r for more safety.\n");
ssh_disconnect(session);
ssh_finalize();
return NULL;
case SSH_SERVER_NOT_KNOWN:
fprintf(stderr,"The server is unknown. Leaving now");
ssh_disconnect(session);
return NULL;
case SSH_SERVER_ERROR:
fprintf(stderr,"%s",ssh_get_error(session));
ssh_disconnect(session);
return NULL;
}
ssh_userauth_none(session, NULL);
auth=ssh_userauth_autopubkey(session, NULL);
if(auth==SSH_AUTH_ERROR){
fprintf(stderr,"Authenticating with pubkey: %s\n",ssh_get_error(session));
ssh_disconnect(session);
return NULL;
}
if(auth!=SSH_AUTH_SUCCESS){
fprintf(stderr,"Authentication failed: %s\n",ssh_get_error(session));
ssh_disconnect(session);
return NULL;
}
ssh_log(session, SSH_LOG_FUNCTIONS, "Authentication success");
return session;
}
int main(int argc, char *argv[])
{
umask(0);
con.verbosity = SSH_LOG_PROTOCOL;
con.port = 22;
con.user = "******";
con.password = "******";
con.my_ssh_session = ssh_new();
con.mountpath = "/tmp/fuse/";
if (con.my_ssh_session == NULL)
perror("unable to craete a session");
//ssh_options_set(con.my_ssh_session, SSH_OPTIONS_USER, "akanksha");
//ssh_options_set(con.my_ssh_session, SSH_OPTIONS_HOST, "192.168.1.2");
ssh_options_set(con.my_ssh_session, SSH_OPTIONS_HOST, "localhost");
ssh_options_set(con.my_ssh_session, SSH_OPTIONS_LOG_VERBOSITY, &con.verbosity);
ssh_options_set(con.my_ssh_session, SSH_OPTIONS_PORT, &con.port);
con.rc = ssh_connect(con.my_ssh_session);
if (con.rc != SSH_OK)
{
fprintf(stderr, "Error connecting to localhost: %s\n",
ssh_get_error(con.my_ssh_session));
} else{
fprintf(stderr, "Connection succesful");
}
//con.password = getpass("Password: "******"Error authenticating with password: %s\n",
ssh_get_error(con.my_ssh_session));
ssh_disconnect(con.my_ssh_session);
ssh_free(con.my_ssh_session);
}
con.sftp = create_sftp_session();
int res = fuse_main(argc, argv, &xmp_oper, NULL);
perror("Fuse main called ");
ssh_disconnect(con.my_ssh_session);
sftp_free(con.sftp);
ssh_free(con.my_ssh_session);
return res;
}
int SSHConnection::disconnect()
{
if (session.get())
{
ssh_disconnect(session.get());
session.release();
}
return 0;
}
static void torture_connect_failure(void **state) {
/*
* The intent of this test is to check that a fresh
* ssh_new/ssh_disconnect/ssh_free sequence doesn't crash/leak
* and the behavior of a double ssh_disconnect
*/
ssh_session session = *state;
ssh_disconnect(session);
}
Session::~Session() {
#ifndef NDEBUG
std::cout << "Destroing Session" << std::endl;
#endif
if (ssh_is_connected(this->c_session)) {
ssh_disconnect(this->c_session);
this->c_session = NULL;
}
}
static int session_teardown(void **state)
{
struct torture_state *s = *state;
ssh_disconnect(s->ssh.session);
ssh_free(s->ssh.session);
return 0;
}
int spatch()
{
ssh_session session = NULL;
ssh_bind sshbind = NULL;
sthreadList* list = NULL;
int port = SERVER_PORT;
sshbind=ssh_bind_new();
//session=ssh_new();
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDPORT, &port);
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_DSAKEY,
KEYS_FOLDER "ssh_host_dsa_key");
ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_RSAKEY,
KEYS_FOLDER "ssh_host_rsa_key");
if (ssh_bind_listen(sshbind)<0)
{
printf("Error listening to socket: %s\n", ssh_get_error(sshbind));
return 1;
}
printf("Server start on port %d\n", port);
while(1)
{
session=ssh_new();
if (ssh_bind_accept(sshbind, session) == SSH_ERROR)
{
printf("Error accepting a connection: %s\n", ssh_get_error(sshbind));
ssh_free(session);
}
else
{
list = newNodeList(list, session);
if (pthread_create(&(list->thread), NULL, (void*)NewSessionLoop, (void*)&(list->sesData)) != 0)
{
sthreadList* tmp;
ssh_disconnect(session);
ssh_free(session);
tmp = list;
list = list->next;
free(tmp);
}
}
}
if (session)
ssh_free(session);
cleanList(list);
ssh_bind_free(sshbind);
ssh_finalize();
return 0;
}
//
// dirty workaround here: miscptr is the ptr to the logins, and the first one is used
// to test if password authentication is enabled!!
//
int32_t service_ssh_init(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE * fp, int32_t port, char *hostname) {
// called before the childrens are forked off, so this is the function
// which should be filled if initial connections and service setup has to be
// performed once only.
//
// fill if needed.
//
// return codes:
// 0 all OK
// 1 skip target without generating an error
// 2 skip target because of protocol problems
// 3 skip target because its unreachable
#ifdef LIBSSH
int32_t rc, method;
ssh_session session = ssh_new();
if (verbose || debug)
printf("[INFO] Testing if password authentication is supported by ssh://%s@%s:%d\n", miscptr == NULL ? "hydra" : miscptr, hydra_address2string_beautiful(ip), port);
ssh_options_set(session, SSH_OPTIONS_PORT, &port);
ssh_options_set(session, SSH_OPTIONS_HOST, hydra_address2string(ip));
if (miscptr == NULL)
ssh_options_set(session, SSH_OPTIONS_USER, "hydra");
else
ssh_options_set(session, SSH_OPTIONS_USER, miscptr);
ssh_options_set(session, SSH_OPTIONS_TIMEOUT, &hydra_options.waittime);
ssh_options_set(session, SSH_OPTIONS_COMPRESSION_C_S, "none");
ssh_options_set(session, SSH_OPTIONS_COMPRESSION_S_C, "none");
if (ssh_connect(session) != 0) {
fprintf(stderr, "[ERROR] could not connect to ssh://%s:%d - %s\n", hydra_address2string_beautiful(ip), port, ssh_get_error(session));
return 2;
}
rc = ssh_userauth_none(session, NULL);
method = ssh_userauth_list(session, NULL);
ssh_disconnect(session);
ssh_finalize();
ssh_free(session);
if (debug) printf("[DEBUG] SSH method check: %08x\n", method);
if ((method & SSH_AUTH_METHOD_INTERACTIVE) || (method & SSH_AUTH_METHOD_PASSWORD)) {
if (verbose || debug)
printf("[INFO] Successful, password authentication is supported by ssh://%s:%d\n", hydra_address2string_beautiful(ip), port);
return 0;
} else if (method == 0) {
if (verbose || debug)
fprintf(stderr, "[WARNING] invalid SSH method reply from ssh://%s:%d, continuing anyway ... (check for empty password!)\n", hydra_address2string_beautiful(ip), port);
return 0;
}
fprintf(stderr, "[ERROR] target ssh://%s:%d/ does not support password authentication (method reply %d).\n", hydra_address2string_beautiful(ip), port, method);
return 1;
#else
return 0;
#endif
}
void service_ssh(char *ip, int32_t sp, unsigned char options, char *miscptr, FILE * fp, int32_t port, char *hostname) {
int32_t run = 1, next_run = 1, sock = -1;
hydra_register_socket(sp);
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0)
return;
while (1) {
switch (run) {
case 1: /* connect and service init function */
next_run = start_ssh(sock, ip, port, options, miscptr, fp);
break;
case 2:
ssh_disconnect(session);
ssh_finalize();
ssh_free(session);
hydra_child_exit(0);
break;
case 3:
ssh_disconnect(session);
ssh_finalize();
ssh_free(session);
if (verbose)
fprintf(stderr, "[ERROR] ssh protocol error\n");
hydra_child_exit(2);
break;
case 4:
ssh_disconnect(session);
ssh_finalize();
ssh_free(session);
fprintf(stderr, "[ERROR] ssh target does not support password auth\n");
hydra_child_exit(2);
break;
default:
ssh_disconnect(session);
ssh_finalize();
ssh_free(session);
hydra_report(stderr, "[ERROR] Caught unknown return code, exiting!\n");
hydra_child_exit(2);
}
run = next_run;
}
}
CAMLprim value libssh_ml_ssh_close(value a_session)
{
// This needs to be way more comprehensive and check for
// way more things, for now let's now use.
CAMLparam1(a_session);
ssh_session sess = (ssh_session)a_session;
ssh_disconnect(sess);
ssh_free(sess);
CAMLreturn(Val_unit);
}
static void teardown(void **state)
{
ssh_session session = (ssh_session) *state;
assert_non_null(session);
if (ssh_is_connected(session)) {
ssh_disconnect(session);
}
ssh_free(session);
}
static int session_teardown(void **state)
{
struct torture_state *s = *state;
torture_rmdirs(s->ssh.tsftp->testdir);
torture_sftp_close(s->ssh.tsftp);
ssh_disconnect(s->ssh.session);
ssh_free(s->ssh.session);
return 0;
}
