Pure-Rust asynchronous SSH library, both client and server

#51 Support custom server_id line terminators.

Opened by evilsocket on September 1, 2021
evilsocket on September 1, 2021

Hi! I’m using thrussh to create an SSH server honeypot. Among the configuration options, the user can specify the server_id (which is basically what nmap and most of the tools use to fingerprint the SSH server). The problem is that some banners are terminated by a single “\n”, while others are terminated by “\r\n”, but the library hardcodes the latter here https://nest.pijul.com/pijul/thrussh:main/7FRJYUI62VW24.FSDAE

If someone passes a banner like “something\n”, that breaks the protocol because “\r\n” is added anyway. You can find more details about this issue here https://github.com/evilsocket/medusa/issues/3

I suggest to add the server_id termination bytes as a configurable option (default to “\r\n”). Let me know if you prefer to do the changes yourself or you’d prefer me sending a PR ^_^

pmeunier on September 1, 2021

Hi! Welcome here!

What would you think of a solution where if the &[u8] already ends with \n, we just print it, otherwise we add \r\n?

I don’t mind doing the changes, if it’s your first time using Pijul, installing it will take way more time than writing a tiny patch like this one. Just tell me.

evilsocket on September 1, 2021

Sure that should work perfectly!