mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-12-22 14:05:22 +01:00
Fixed crash during GEX tests.
This commit is contained in:
parent
83e90729e2
commit
3f2fdbaa3d
@ -182,6 +182,7 @@ For convenience, a web front-end on top of the command-line tool is available at
|
|||||||
- Results from concurrent scans against multiple hosts are no longer improperly combined; bug discovered by [Adam Russell](https://github.com/thecliguy).
|
- Results from concurrent scans against multiple hosts are no longer improperly combined; bug discovered by [Adam Russell](https://github.com/thecliguy).
|
||||||
- Hostname resolution failure no longer causes scans against multiple hosts to terminate unexpectedly; credit [Dani Cuesta](https://github.com/daniel-cues).
|
- Hostname resolution failure no longer causes scans against multiple hosts to terminate unexpectedly; credit [Dani Cuesta](https://github.com/daniel-cues).
|
||||||
- Algorithm recommendations resulting from warnings are now printed in yellow instead of red; credit [Adam Russell](https://github.com/thecliguy).
|
- Algorithm recommendations resulting from warnings are now printed in yellow instead of red; credit [Adam Russell](https://github.com/thecliguy).
|
||||||
|
- Fixed crash during GEX tests.
|
||||||
- Added 1 new key exchange: `curve448-sha512@libssh.org`.
|
- Added 1 new key exchange: `curve448-sha512@libssh.org`.
|
||||||
|
|
||||||
### v2.9.0 (2023-04-29)
|
### v2.9.0 (2023-04-29)
|
||||||
|
@ -26,6 +26,7 @@ import binascii
|
|||||||
import os
|
import os
|
||||||
import random
|
import random
|
||||||
import struct
|
import struct
|
||||||
|
import traceback
|
||||||
|
|
||||||
# pylint: disable=unused-import
|
# pylint: disable=unused-import
|
||||||
from typing import Dict, List, Set, Sequence, Tuple, Iterable # noqa: F401
|
from typing import Dict, List, Set, Sequence, Tuple, Iterable # noqa: F401
|
||||||
@ -375,19 +376,22 @@ class KexGroupExchange(KexDH):
|
|||||||
while packet_type == Protocol.MSG_DEBUG:
|
while packet_type == Protocol.MSG_DEBUG:
|
||||||
packet_type, payload = s.read_packet(2)
|
packet_type, payload = s.read_packet(2)
|
||||||
|
|
||||||
# Parse the modulus (p) and generator (g) values from the server.
|
try:
|
||||||
ptr = 0
|
# Parse the modulus (p) and generator (g) values from the server.
|
||||||
p_len = struct.unpack('>I', payload[ptr:ptr + 4])[0]
|
ptr = 0
|
||||||
ptr += 4
|
p_len = struct.unpack('>I', payload[ptr:ptr + 4])[0]
|
||||||
|
ptr += 4
|
||||||
|
|
||||||
p = int(binascii.hexlify(payload[ptr:ptr + p_len]), 16)
|
p = int(binascii.hexlify(payload[ptr:ptr + p_len]), 16)
|
||||||
ptr += p_len
|
ptr += p_len
|
||||||
|
|
||||||
g_len = struct.unpack('>I', payload[ptr:ptr + 4])[0]
|
g_len = struct.unpack('>I', payload[ptr:ptr + 4])[0]
|
||||||
ptr += 4
|
ptr += 4
|
||||||
|
|
||||||
g = int(binascii.hexlify(payload[ptr:ptr + g_len]), 16)
|
g = int(binascii.hexlify(payload[ptr:ptr + g_len]), 16)
|
||||||
ptr += g_len
|
ptr += g_len
|
||||||
|
except struct.error:
|
||||||
|
raise KexDHException("Error while parsing modulus and generator during GEX init: %s" % str(traceback.format_exc())) from None
|
||||||
|
|
||||||
# Now that we got the generator and modulus, perform the DH exchange
|
# Now that we got the generator and modulus, perform the DH exchange
|
||||||
# like usual.
|
# like usual.
|
||||||
|
Loading…
Reference in New Issue
Block a user