Fix ssh auth with all key files and fix password processing, also add better exception handling

NeffIsBack · NeffIsBack · commit 4cabffb52535 · 2024-04-12T16:00:05.000-04:00
diff --git a/nxc/protocols/ssh.py b/nxc/protocols/ssh.py
@@ -4,7 +4,6 @@
 import logging
 import time
 
-from io import StringIO
 from nxc.config import process_secret
 from nxc.connection import connection, highlight
 from nxc.logger import NXCAdapter
@@ -188,19 +187,14 @@ def plaintext_login(self, username, password, private_key=""):
         stdout = None
         try:
             if self.args.key_file or private_key:
-                self.logger.debug("Logging in with key")
+                self.logger.debug(f"Logging {self.host} with username: {username}, keyfile: {self.args.key_file}")
 
-                if self.args.key_file:
-                    with open(self.args.key_file) as f:
-                        private_key = f.read()
-
-                pkey = paramiko.RSAKey.from_private_key(StringIO(private_key), password)
                 self.conn.connect(
                     self.host,
                     port=self.port,
                     username=username,
                     passphrase=password if password != "" else None,
-                    pkey=pkey,
+                    key_filename=private_key if private_key else self.args.key_file,
                     look_for_keys=False,
                     allow_agent=False,
                 )
@@ -227,13 +221,10 @@ def plaintext_login(self, username, password, private_key=""):
             # Some IOT devices will not raise exception in self.conn._transport.auth_password / self.conn._transport.auth_publickey
             _, stdout, _ = self.conn.exec_command("id")
             stdout = stdout.read().decode(self.args.codec, errors="ignore")
+        except SSHException as e:
+            self.logger.fail(f"{username}:{process_secret(password)} Could not decrypt private key, error: {e}")
         except Exception as e:
-            if self.args.key_file:
-                password = f"{process_secret(password)} (keyfile: {self.args.key_file})"
-            if "OpenSSH private key file checkints do not match" in str(e) or "password and salt must not be empty" in str(e):
-                self.logger.fail(f"{username}:{password} - Could not decrypt key file, wrong password")
-            else:
-                self.logger.fail(f"{username}:{password} {e}")
+            self.logger.fail(f"{username}:{process_secret(password)} {e}")
             self.conn.close()
             return False
         else:
@@ -286,7 +277,7 @@ def plaintext_login(self, username, password, private_key=""):
                 self.server_os_platform,
                 "- Shell access!" if shell_access else ""
             )
-            self.logger.success(f"{username}:{password} {self.mark_pwned()} {highlight(display_shell_access)}")
+            self.logger.success(f"{username}:{process_secret(password)} {self.mark_pwned()} {highlight(display_shell_access)}")
 
             return True
 
