mirror of
https://github.com/MegaManSec/SSH-Snake.git
synced 2024-12-04 20:30:37 +01:00
Use ssh_timeout for dns timeout, slightly less gnu-ism, and finish if no dests.
This commit is contained in:
parent
f9a46b8c86
commit
730963eb57
@ -259,14 +259,15 @@ printf "[%s]" "$(date +%s)"
|
||||
printf "%s\n" "$line"
|
||||
done < <(echo 'printf "%s" "$1" | base64 -d | stdbuf -o0 bash --noprofile --norc -s $1' | stdbuf -o0 bash --noprofile --norc -s "$(printf "%s" "$local_script" | base64 | tr -d '\n')" 2>&1 | grep -v -F 'INTERNAL_MSG')
|
||||
[[ $use_retry_all_dests -eq 1 ]] || return
|
||||
printf "\n\n---------------------------------------\n\n"
|
||||
printf "use_retry_all_dests=1. Re-starting.\n"
|
||||
local retried_interesting_dests
|
||||
retried_interesting_dests="$(gen_retried_interesting_dests | sort -u)"
|
||||
[[ "${#retried_interesting_dests}" -gt 0 ]] || return
|
||||
printf "\n\n---------------------------------------\n\n"
|
||||
printf "use_retry_all_dests=1. Re-starting.\n"
|
||||
printf "%s destinations (from %s unique servers) added to interesting_dests.\n" "$(echo "$retried_interesting_dests" | wc -l)" "${#root_ssh_hostnames_dests[@]}"
|
||||
retried_interesting_dests="$(echo "$retried_interesting_dests" | tr '\n' ' ')"
|
||||
printf "\n---------------------------------------\n\n\n"
|
||||
local_script="$(printf "%s" "$local_script" | sed '/^interesting_dests=(/c\interesting_dests=('"$retried_interesting_dests"')')"
|
||||
local_script="$(printf "%s" "$local_script" | sed 's/^interesting_dests=(/interesting_dests=('"$retried_interesting_dests"'/')"
|
||||
local_script="$(printf "%s" "$local_script" | sed 's/^use_retry_all_dests=1/use_retry_all_dests=2/')"
|
||||
remove_function="find_from_authorized_keys find_from_hosts find_from_last find_arp_neighbours find_d_block find_from_ignore_list find_from_known_hosts find_from_hashed_known_hosts find_from_prev_dest combinate_users_hosts_aggressive combinate_interesting_users_hosts interesting_users interesting_hosts deduplicate_resolved_hosts_keys init_ignored ignored_users ignored_hosts ignored_dests find_user_from_file "
|
||||
local_script="$(remove_functions "$local_script" "$remove_function")"
|
||||
@ -997,7 +998,7 @@ local res
|
||||
local use_mac
|
||||
local to
|
||||
if command -v timeout >/dev/null 2>&1; then
|
||||
to="timeout 5"
|
||||
to="timeout $ssh_timeout"
|
||||
fi
|
||||
if getent ahostsv4 -- 1.1.1.1 >/dev/null 2>&1; then
|
||||
res="$to getent ahostsv4 --"
|
||||
@ -1022,7 +1023,6 @@ for ssh_dest in "${!ssh_dests[@]}"; do
|
||||
local ssh_user
|
||||
local ssh_host
|
||||
local resolved_ssh_host
|
||||
ssh_dest="${ssh_dest,,}"
|
||||
is_ssh_dest "$ssh_dest" || continue
|
||||
ssh_user="${ssh_dest%%@*}"
|
||||
ssh_host="${ssh_dest#*@}"
|
||||
|
18
Snake.sh
18
Snake.sh
@ -25,7 +25,7 @@ ignore_user=0 # [0|1]: Consider a dest already scanned based only on the ip addr
|
||||
|
||||
use_sudo=1 # [1|0]: Attempt to use sudo on the dest. This may generate a large amount of security-related logs and can be extremely noisy.
|
||||
|
||||
ssh_timeout=3 # [3|n]: The connection timeout for ssh. See ssh_config(5)'s ConnectTimeout.
|
||||
ssh_timeout=3 # [3|n]: The connection timeout for ssh and DNS resolution. See ssh_config(5)'s ConnectTimeout.
|
||||
|
||||
retry_count=3 # [3|n]: In some cases, a recoverable error in ssh may be encountered (such as trying to access an an AWS instance with a disabled username). This number corresponds to the maximum amount of times the destination is tried again. It's generally advised to set this to at least 1.
|
||||
|
||||
@ -482,18 +482,21 @@ shape_script() {
|
||||
|
||||
[[ $use_retry_all_dests -eq 1 ]] || return
|
||||
|
||||
local retried_interesting_dests
|
||||
retried_interesting_dests="$(gen_retried_interesting_dests | sort -u)"
|
||||
|
||||
[[ "${#retried_interesting_dests}" -gt 0 ]] || return
|
||||
|
||||
printf "\n\n---------------------------------------\n\n"
|
||||
printf "use_retry_all_dests=1. Re-starting.\n"
|
||||
|
||||
local retried_interesting_dests
|
||||
retried_interesting_dests="$(gen_retried_interesting_dests | sort -u)"
|
||||
|
||||
printf "%s destinations (from %s unique servers) added to interesting_dests.\n" "$(echo "$retried_interesting_dests" | wc -l)" "${#root_ssh_hostnames_dests[@]}"
|
||||
retried_interesting_dests="$(echo "$retried_interesting_dests" | tr '\n' ' ')"
|
||||
|
||||
printf "\n---------------------------------------\n\n\n"
|
||||
|
||||
local_script="$(printf "%s" "$local_script" | sed '/^interesting_dests=(/c\interesting_dests=('"$retried_interesting_dests"')')"
|
||||
local_script="$(printf "%s" "$local_script" | sed 's/^interesting_dests=(/interesting_dests=('"$retried_interesting_dests"'/')"
|
||||
local_script="$(printf "%s" "$local_script" | sed 's/^use_retry_all_dests=1/use_retry_all_dests=2/')"
|
||||
|
||||
# We do not want to find any new dests and so on, so remove all of the non-key functions.
|
||||
@ -1682,7 +1685,7 @@ deduplicate_resolved_hosts_keys() {
|
||||
|
||||
# DNS timeout of 5 seconds per address (bleh, hack).
|
||||
if command -v timeout >/dev/null 2>&1; then
|
||||
to="timeout 5"
|
||||
to="timeout $ssh_timeout"
|
||||
fi
|
||||
|
||||
# Use getent if it's available.
|
||||
@ -1720,9 +1723,6 @@ deduplicate_resolved_hosts_keys() {
|
||||
local ssh_host
|
||||
local resolved_ssh_host
|
||||
|
||||
# Make everything lower case.
|
||||
ssh_dest="${ssh_dest,,}"
|
||||
|
||||
is_ssh_dest "$ssh_dest" || continue # Checks if the host has been ignored in this loop
|
||||
|
||||
ssh_user="${ssh_dest%%@*}"
|
||||
@ -1900,7 +1900,9 @@ add_ssh_dest() {
|
||||
local ssh_user
|
||||
|
||||
ssh_dest="$1"
|
||||
|
||||
ssh_dest="${ssh_dest,,}"
|
||||
|
||||
ssh_user="${ssh_dest%%@*}"
|
||||
ssh_host="${ssh_dest#*@}"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user