Custom Script: example code for a wrapper + reading the SSHD configuration

The following files contain an example wrapper and a script that reads the sshd configuration.

The wrapper is used to run the script: it logs in to the target with an SSH key and collects the information.
Because of this, only one target system should be specified in Hacktor, since the login would fail on all other hosts.

Wrapper.sh

#!/bin/bash

# Enginsight Hacktor
# This script checks if a remote host has SSH password authentication disabled.
# The purpose of this very simple script is to demonstrate how to run custom scripts on remote hosts
# and how to integrate the results into an audit.

# The basic steps for running custom scripts remotely are 1) transfer 2) execution 3) cleanup

# Check status inside the audit is based on the exit code of this script
# 0 passed
# 1 error
# 5 skipped
# 9 failed
# stdout, stderr will be visible inside audit to allow detailed information where necessary

HOST=$1

shift # remove the first argument

# verify if ssh is available (the remaining arguments are the open ports of the target)
sshAvailable=false
for port in "$@"; do
    if [ "$port" = "22" ]; then
        sshAvailable=true
    fi
done

if ! [ "$sshAvailable" = true ] ; then
    echo "ssh disabled"
    exit 5 # skipped
fi

# working dir is where ngs-hacktor binary is
# the helper is the sshd.sh script shown below, saved under this file name
HELPER_PATH="$(pwd)/scripts/helpers/sshd_check_passauth.sh"

TMP_DIR="/tmp/ngs-hacktor-custom"
TMP_FILEPATH="$TMP_DIR/custom.sh"
PRIVKEY_FILE="<Pfad>" # placeholder: path to the private key used to log in to the target

if ! [ -f "$HELPER_PATH" ]; then
    echo "cannot access helper: $HELPER_PATH"
    echo "faulty working dir? $(pwd)"
    exit 1 # error
fi

if ! [ -f "$PRIVKEY_FILE" ]; then
    echo "cannot access private key: $PRIVKEY_FILE"
    exit 1 # error
fi

# make temp script dir
ssh root@"$HOST" -i "$PRIVKEY_FILE"  "mkdir -p $TMP_DIR" || { echo 'failed to make test dir' ; exit 1; }

# copy helper script to remote addr
scp -i "$PRIVKEY_FILE" -r "$HELPER_PATH" root@"$HOST":"$TMP_FILEPATH" || { echo 'failed to copy helper' ; exit 1; }

# make script executable
ssh root@"$HOST" -i "$PRIVKEY_FILE"  "chmod 755 $TMP_FILEPATH" || { echo 'failed to chmod helper' ; exit 1; }

# run script and keep the exit code of the helper; stdout is discarded, stderr stays visible in the audit
ssh root@"$HOST" -i "$PRIVKEY_FILE" "bash $TMP_FILEPATH >/dev/null" ; retcode=$?

# regardless of how the execution went, always clean up the temporary directory
ssh root@"$HOST" -i "$PRIVKEY_FILE" "rm -rf $TMP_DIR" || { echo "failed to remove $TMP_DIR" ; }

# 255 is the exit code of ssh itself (connection or authentication failure), not of the helper
if [ $retcode -eq 255 ]; then
    echo "failed to execute remotely"
    exit 1 # error
fi

if [ $retcode -eq 1 ]; then
    echo "remote host $HOST supports password authentication"
    exit 9 # failed
fi

echo "password authentication is DISABLED"

exit 0 # passed # not required, for readability

sshd.sh

#!/bin/bash

# look for an explicit "PasswordAuthentication no" line (leading whitespace allowed)
# note: this only matches the literal, case-sensitive keyword. A missing keyword
# (sshd defaults to "yes"), a different spelling, or settings pulled in via Include
# are not evaluated, and an indented line inside a Match block matches as well,
# although it only applies conditionally.
grep -Eq "^[[:space:]]*PasswordAuthentication no" /etc/ssh/sshd_config ; retcode=$?

# will exit with 1 if password authentication is NOT disabled
exit $retcode
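The grep in sshd.sh only finds one exact spelling of the directive. The following added example (written for this page, not code from Enginsight) shows a stricter check that follows sshd's own parsing rules: the keyword is case-insensitive, "Keyword=value" is accepted, comments and blank lines are skipped, the first global occurrence wins, a directive inside a Match block is conditional and does not count, and a missing keyword means sshd's default "yes". It also maps the helper's exit code to the audit status codes listed in Wrapper.sh (0 passed, 1 error, 9 failed), slightly stricter than the wrapper in that any unexpected non-zero code counts as failed rather than passed. The function takes a path to a config file as its argument (so it can be tested on a constructed file); Include directives are not followed, and the assumed way to see the fully resolved configuration on the host itself remains `sshd -T`. The sample config at the end is constructed for the demo.

```shell
#!/bin/sh
# Added example, not part of the Enginsight page.
# passauth_disabled FILE
#   returns 0 when password authentication is disabled globally in FILE,
#   1 otherwise (same convention as the sshd.sh helper).
passauth_disabled() {
    file="$1"
    value="yes"      # sshd default when the keyword is missing
    in_match=0       # set once a "Match" block has started
    found=0          # sshd uses the FIRST global occurrence, later ones are ignored
    set -f           # no glob expansion while word-splitting config lines
    while IFS= read -r line || [ -n "$line" ]; do
        # normalise: lower-case the line and turn "Keyword=value" into "keyword value"
        line=$(printf '%s\n' "$line" | tr '[:upper:]' '[:lower:]' | tr '=' ' ')
        set -- $line                       # word-split on purpose (unquoted)
        [ $# -eq 0 ] && continue           # blank line
        case "$1" in '#'*) continue ;; esac   # comment line
        if [ "$1" = "match" ]; then
            in_match=1                     # everything below is conditional
            continue
        fi
        [ "$in_match" -eq 1 ] && continue
        if [ "$1" = "passwordauthentication" ] && [ "$found" -eq 0 ]; then
            value="$2"
            found=1
        fi
    done < "$file"
    set +f
    [ "$value" = "no" ]
}

# audit_status HELPER_EXIT_CODE
#   prints the Hacktor audit status code for a helper exit code:
#   0 passed, 1 error (ssh itself failed, exit 255), 9 failed
audit_status() {
    case "$1" in
        0)   echo 0 ;;
        255) echo 1 ;;
        *)   echo 9 ;;
    esac
}

# demo on a constructed sshd_config (not a real host's file)
demo=$(mktemp)
cat > "$demo" <<'EOF'
# constructed sample sshd_config
Port 22
  passwordauthentication NO
PasswordAuthentication yes
Match User backup
    PasswordAuthentication yes
EOF
if passauth_disabled "$demo"; then
    echo "password authentication is DISABLED (audit status $(audit_status 0))"
else
    echo "password authentication is enabled or defaulted to yes (audit status $(audit_status 1))"
fi
rm -f "$demo"
```

The demo reports DISABLED: the indented, upper-cased `NO` is the first global value, the later `yes` is ignored by sshd, and the `yes` inside the Match block only applies to that user.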