{"id":21195496,"url":"https://github.com/0x4d31/hassh-utils","last_synced_at":"2025-03-17T08:06:25.490Z","repository":{"id":92636888,"uuid":"150451158","full_name":"0x4D31/hassh-utils","owner":"0x4D31","description":"hassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)","archived":false,"fork":false,"pushed_at":"2024-09-16T23:13:30.000Z","size":90,"stargazers_count":56,"open_issues_count":2,"forks_count":15,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-03-04T09:09:28.828Z","etag":null,"topics":["docker","fingerprinting","hassh","nmap","nmap-scripts","ssh","threat-hunting"],"latest_commit_sha":null,"homepage":"","language":"Lua","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0x4D31.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-26T15:45:56.000Z","updated_at":"2024-11-20T06:29:35.000Z","dependencies_parsed_at":"2024-11-20T19:33:28.026Z","dependency_job_id":"239d815c-463e-4af4-99dd-fbbb27a6d9ef","html_url":"https://github.com/0x4D31/hassh-utils","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x4D31%2Fhassh-utils","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x4D31%2Fhassh-utils/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x4D31%2Fhassh-utils/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x4D31%2Fhassh-utils/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0x4D31","download_url":"https://codeload.github.com/0x4D31/hassh-utils/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243997087,"owners_count":20380979,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","fingerprinting","hassh","nmap","nmap-scripts","ssh","threat-hunting"],"created_at":"2024-11-20T19:28:31.601Z","updated_at":"2025-03-17T08:06:25.450Z","avatar_url":"https://github.com/0x4D31.png","language":"Lua","funding_links":[],"categories":[],"sub_categories":[],"readme":"# hassh-utils\n\n## Docker\n\nYou can get the dockerized version of hassh.py from my Docker repository: https://hub.docker.com/r/0x4d31/hassh/\n\n```\ndocker pull 0x4d31/hassh\n```\n\n## Nmap NSE Script\n\n[ssh-hassh](ssh-hassh.nse) NSE script reports hasshServer (i.e. SSH\nServer Fingerprint) and hasshServerAlgorithms for the target SSH\nserver. The resulting hassh is compared to a list of known hasshServer\nvalues to attempt to fingerprint it.\n\nBasic usage:\n\n```\nnmap --script ssh-hassh.nse -p 22  192.168.10.136\n\nStarting Nmap 7.60 ( https://nmap.org ) at 2019-09-30 20:45 PDT\nNmap scan report for mikrotik.planethacker.net (192.168.10.136)\nHost is up (0.0063s latency).\n\nPORT   STATE SERVICE\n22/tcp open  ssh\n| ssh-hassh:\n|   Server Identification String: SSH-2.0-ROSSSH\n|   hasshServer: 592ac2fb1645c3dc26ede0a59cd46957\n|_  hasshServer Guess: SSH-2.0-ROSSSH (100%)\n\nNmap done: 1 IP address (1 host up) scanned in 0.30 seconds\n```\n\n\nA database file can be specified. See [Nmap Documentation](https://nmap.org/book/data-files-replacing-data-files.html) for more info on how Nmap handles custom data files. Generally, placing databases in /usr/share/nmap/nselib/data/ will work:\n```\nnmap --script ssh-hassh.nse --script-args database=hasshd 192.168.10.136\n```\n\nDatabase lookups can be skipped using the `skip_hasshdb` script argument:\n\n```\nnmap --script ssh-hassh.nse --script-args skip_hasshdb 192.168.10.136\n```\n\nThe client's identification string can also be specified if you want to use something besides the default value of _SSH-2.0-Nmap-SSH-HASSH_. Note: this must be formatted correctly; SSH-VERSION-STRING:\n```\nnmap --script ssh-hassh.nse --script-args client_string=SSH-2.0-asdf -p 22 192.168.10.136\n```\n\nIncreasing the verbosity with -v by will display the algorithms:\n```\nnmap --script ssh-hassh.nse -p 22 --open -Pn 192.168.10.136 -oX test.xml -v\n\n...snip...\n\nPORT   STATE SERVICE\n22/tcp open  ssh\n| ssh-hassh:\n|   Server Identification String: SSH-2.0-ROSSSH\n|   hasshServer: 592ac2fb1645c3dc26ede0a59cd46957\n|   hasshServer Guess: SSH-2.0-ROSSSH (100%)\n|_  hasshServer Algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1;aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc;hmac-sha1,hmac-md5;none\n\n...snip...\n```\n\nIncreasing the verbosity higher with -vv will list the algorithms:\n```\nnmap --script ssh-hassh.nse -p 22 --open -Pn 192.168.10.136 -oX test.xml -vv\n\n...snip...\n\nPORT   STATE SERVICE REASON\n22/tcp open  ssh     syn-ack\n| ssh-hassh:\n|   Server Identification String: SSH-2.0-ROSSSH\n|   hasshServer: 592ac2fb1645c3dc26ede0a59cd46957\n|   hasshServer Guess: SSH-2.0-ROSSSH (100%)\n|   kex_algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1\n|   encryption_algorithms: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc\n|   mac_algorithms: hmac-sha1,hmac-md5\n|   compression_algorithms: none\n|_  server_host_key_algorithms: ssh-dss,ssh-rsa\n\n...snip...\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x4d31%2Fhassh-utils","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0x4d31%2Fhassh-utils","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x4d31%2Fhassh-utils/lists"}