File ssh-publickey-acceptance
Script types:
portrule
Categories:
auth, intrusive
Download: https://svn.nmap.org/nmap/scripts/ssh-publickey-acceptance.nse
User Summary
This script takes a table of paths to private keys, passphrases, and usernames and checks each pair to see if the target ssh server accepts them for publickey authentication. If no keys are given or the known-bad option is given, the script will check if a list of known static public keys are accepted for authentication.
Script Arguments
knownbad
If specified, check if keys from publickeydb are accepted
ssh.privatekeys
Table containing filenames of privatekeys to test
publickeydb
Specifies alternative publickeydb
ssh.usernames
Table containing usernames to check
ssh.publickeys
Table containing filenames of publickkeys to test
ssh.passphrases
Table containing passphrases for each private key
Example Usage
nmap -p 22 --script ssh-publickey-acceptance --script-args "ssh.usernames={'root', 'user'}, ssh.privatekeys={'./id_rsa1', './id_rsa2'}" <target>
nmap -p 22 --script ssh-publickey-acceptance --script-args 'ssh.usernames={"root", "user"}, publickeys={"./id_rsa1.pub", "./id_rsa2.pub"}' <target>
Script Output
22/tcp open ssh syn-ack | ssh-publickey-acceptance: | Accepted Public Keys: |_ Key ./id_rsa1 accepted for user root
Requires
Author:
License: Same as Nmap--See https://nmap.org/book/man-legal.html