| /dports/security/suricata/suricata-6.0.4/doc/userguide/rules/ |
| H A D | ssh-keywords.rst | 92 ssh.hassh
95 Match on hassh (md5 of of hassh algorithms of client).
103 ``ssh.hassh`` is a 'sticky buffer'.
105 ``ssh.hassh`` can be used as ``fast_pattern``.
107 ssh.hassh.string
118 ``ssh.hassh.string`` is a 'sticky buffer'.
122 ssh.hassh.server
125 Match on hassh (md5 of hassh algorithms of server).
133 ``ssh.hassh.server`` is a 'sticky buffer'.
137 ssh.hassh.server.string
[all …]
|
| /dports/security/suricata/suricata-6.0.4/rust/src/ssh/ |
| H A D | logger.rs | 31 if tx.cli_hdr.hassh.len() > 0 || tx.cli_hdr.hassh_string.len() > 0 { in log_ssh()
33 if tx.cli_hdr.hassh.len() > 0 { in log_ssh()
34 js.set_string_from_bytes("hash", &tx.cli_hdr.hassh)?; in log_ssh()
49 if tx.srv_hdr.hassh.len() > 0 || tx.srv_hdr.hassh_string.len() > 0 { in log_ssh()
51 if tx.srv_hdr.hassh.len() > 0 { in log_ssh()
52 js.set_string_from_bytes("hash", &tx.srv_hdr.hassh)?; in log_ssh()
|
| H A D | parser.rs | 159 … pub fn generate_hassh(&self, hassh_string: &mut Vec<u8>, hassh: &mut Vec<u8>, to_server: &bool) { in generate_hassh()
175 hassh.extend(format!("{:x?}", compute(&hassh_string)).as_bytes()); in generate_hassh()
525 let mut hassh: Vec<u8> = vec!(); in test_parse_hassh() localVariable
528 key_exchange.generate_hassh(&mut hassh_string, &mut hassh, &true); in test_parse_hassh()
542 assert_eq!(hassh, "ec7378c1a92f5a8dde7e8b7a1ddf33d1".as_bytes().to_vec()); in test_parse_hassh()
|
| H A D | detect.rs | 95 let m = &tx.srv_hdr.hassh; in rs_ssh_tx_get_hassh()
104 let m = &tx.cli_hdr.hassh; in rs_ssh_tx_get_hassh()
|
| H A D | ssh.rs | 74 pub hassh: Vec<u8>, field
88 hassh: Vec::new(), in new()
172 &mut hdr.hassh, in parse_record()
194 … key_exchange.generate_hassh(&mut hdr.hassh_string, &mut hdr.hassh, &resp); in parse_record()
|
| /dports/security/suricata/suricata-6.0.4/src/ |
| H A D | detect-ssh-hassh-string.c | 70 const uint8_t *hassh = NULL; in GetSshData() local
73 if (rs_ssh_tx_get_hassh_string(txv, &hassh, &b_len, flow_flags) != 1) in GetSshData()
75 if (hassh == NULL || b_len == 0) { in GetSshData()
80 InspectionBufferSetup(det_ctx, list_id, buffer, hassh, b_len); in GetSshData()
|
| H A D | detect-ssh-hassh-server-string.c | 70 const uint8_t *hassh = NULL; in GetSshData() local
73 if (rs_ssh_tx_get_hassh_string(txv, &hassh, &b_len, flow_flags) != 1) in GetSshData()
75 if (hassh == NULL || b_len == 0) { in GetSshData()
80 InspectionBufferSetup(det_ctx, list_id, buffer, hassh, b_len); in GetSshData()
|
| H A D | detect-ssh-hassh.c | 70 const uint8_t *hassh = NULL; in GetSshData() local
73 if (rs_ssh_tx_get_hassh(txv, &hassh, &b_len, flow_flags) != 1) in GetSshData()
75 if (hassh == NULL || b_len == 0) { in GetSshData()
80 InspectionBufferSetup(det_ctx, list_id, buffer, hassh, b_len); in GetSshData()
|
| H A D | util-lua-hassh.c | 172 const uint8_t *hassh = NULL; in GetHassh() local
176 if (rs_ssh_tx_get_hassh(tx, &hassh, &b_len, STREAM_TOSERVER) != 1) in GetHassh()
178 if (hassh == NULL || b_len == 0) { in GetHassh()
182 return LuaPushStringBuffer(luastate, hassh, b_len); in GetHassh()
|
| H A D | Makefile.am | 274 detect-ssh-hassh.c detect-ssh-hassh.h \
275 detect-ssh-hassh-server.c detect-ssh-hassh-server.h \
276 detect-ssh-hassh-string.c detect-ssh-hassh-string.h \
277 detect-ssh-hassh-server-string.c detect-ssh-hassh-server-string.h \
513 util-lua-hassh.c util-lua-hassh.h \
|
| H A D | Makefile.in | 280 detect-ssh-hassh.$(OBJEXT) detect-ssh-hassh-server.$(OBJEXT) \
281 detect-ssh-hassh-string.$(OBJEXT) \
282 detect-ssh-hassh-server-string.$(OBJEXT) \
736 ./$(DEPDIR)/detect-ssh-hassh-server.Po \
737 ./$(DEPDIR)/detect-ssh-hassh-string.Po \
738 ./$(DEPDIR)/detect-ssh-hassh.Po \
1511 detect-ssh-hassh.c detect-ssh-hassh.h \
1512 detect-ssh-hassh-server.c detect-ssh-hassh-server.h \
1513 detect-ssh-hassh-string.c detect-ssh-hassh-string.h \
1514 detect-ssh-hassh-server-string.c detect-ssh-hassh-server-string.h \
[all …]
|
| /dports/security/suricata/suricata-6.0.4/doc/userguide/lua/ |
| H A D | lua-functions.rst | 679 Get MD5 of hassh algorithms used by the client through HasshGet.
686 hassh = HasshGet()
687 if hassh == nil then
695 Get hassh algorithms used by the client through HasshGetString.
703 if hassh == nil then
711 Get MD5 of hassh algorithms used by the server through HasshServerGet.
719 if hassh == nil then
727 Get hassh algorithms used by the server through HasshServerGetString.
735 if hassh == nil then
|
| /dports/security/cowrie/cowrie-2.2.0/src/cowrie/ssh/ |
| H A D | transport.py | 179 hassh = md5(hasshAlgorithms.encode('utf-8')).hexdigest()
183 hassh=hassh,
|
| /dports/security/cowrie/cowrie-2.2.0/src/cowrie/ssh_proxy/ |
| H A D | server_transport.py | 291 hassh = md5(hasshAlgorithms.encode('utf-8')).hexdigest()
295 hassh=hassh,
|
| /dports/net/wireshark/wireshark-3.6.1/epan/dissectors/ |
| H A D | packet-ssh.c | 1312 gchar *hassh; in ssh_dissect_key_init() local
1373 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1376 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hassh, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1378 g_free(hassh); in ssh_dissect_key_init()
1382 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1385 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hasshserver, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1387 g_free(hassh); in ssh_dissect_key_init()
|
| /dports/net/wireshark-lite/wireshark-3.6.1/epan/dissectors/ |
| H A D | packet-ssh.c | 1312 gchar *hassh; in ssh_dissect_key_init() local
1373 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1376 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hassh, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1378 g_free(hassh); in ssh_dissect_key_init()
1382 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1385 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hasshserver, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1387 g_free(hassh); in ssh_dissect_key_init()
|
| /dports/net/tshark/wireshark-3.6.1/epan/dissectors/ |
| H A D | packet-ssh.c | 1312 gchar *hassh; in ssh_dissect_key_init() local
1373 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1376 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hassh, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1378 g_free(hassh); in ssh_dissect_key_init()
1382 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1385 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hasshserver, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1387 g_free(hassh); in ssh_dissect_key_init()
|
| /dports/net/tshark-lite/wireshark-3.6.1/epan/dissectors/ |
| H A D | packet-ssh.c | 1312 gchar *hassh; in ssh_dissect_key_init() local
1373 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1376 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hassh, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1378 g_free(hassh); in ssh_dissect_key_init()
1382 …hassh = g_compute_checksum_for_string(G_CHECKSUM_MD5, wmem_strbuf_get_str(hassh_algo), wmem_strbuf… in ssh_dissect_key_init()
1385 ti = proto_tree_add_string(key_init_tree, hf_ssh_kex_hasshserver, tvb, offset, 0, hassh); in ssh_dissect_key_init()
1387 g_free(hassh); in ssh_dissect_key_init()
|
| /dports/security/suricata/suricata-6.0.4/doc/userguide/output/eve/ |
| H A D | eve-json-format.rst | 1004 * "hassh.hash": MD5 of hassh algorithms of client or server
1005 * "hassh.string": hassh algorithms of client or server
1007 Hassh must be enabled in the Suricata config file (set 'app-layer.protocols.ssh.hassh' to 'yes').
1017 "hassh": {
1025 "hassh": {
|
| /dports/net/ndpi/nDPI-92a1be2/ |
| H A D | CHANGELOG.md | 291 * HASSH (https://github.com/salesforce/hassh)
|
| /dports/security/suricata/suricata-6.0.4/ |
| H A D | suricata.yaml.in | 765 #hassh: yes
|
| H A D | ChangeLog | 262 Feature #2698: hassh and hasshServer for ssh fingerprinting
|