From 6788fd1adf0d8a227ee9a48536c4c277e71b6eee Mon Sep 17 00:00:00 2001 From: Russ Magee Date: Tue, 2 Oct 2018 11:03:10 -0700 Subject: [PATCH] Made padding size random (max/2, max]; use of improved goutmp host lookup --- hkexnet/hkexnet.go | 5 +++-- hkexshd/hkexshd.go | 16 ++++++---------- 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/hkexnet/hkexnet.go b/hkexnet/hkexnet.go index 890502b..d72c0fc 100644 --- a/hkexnet/hkexnet.go +++ b/hkexnet/hkexnet.go @@ -590,8 +590,9 @@ func (hc *Conn) WritePacket(b []byte, op byte) (n int, err error) { } //Padding - padLen := PAD_SZ - ((uint32(len(b)) + PAD_SZ) % PAD_SZ) - if padLen == PAD_SZ { + padSz := (rand.Intn(PAD_SZ) / 2) + (PAD_SZ / 2) + padLen := padSz - ((len(b) + padSz) % padSz) + if padLen == padSz { // No padding required padLen = 0 } diff --git a/hkexshd/hkexshd.go b/hkexshd/hkexshd.go index b834b42..a36ac89 100755 --- a/hkexshd/hkexshd.go +++ b/hkexshd/hkexshd.go @@ -22,7 +22,6 @@ import ( "os/exec" "os/user" "path" - "strings" "sync" "syscall" @@ -353,7 +352,7 @@ func GenAuthToken(who string, connhost string) string { // Compare to 'serverp.go' in this directory to see the equivalence. func main() { version := hkexsh.Version - + var vopt bool var chaffEnabled bool var chaffFreqMin uint @@ -510,7 +509,7 @@ func main() { if rec.Op()[0] == 'A' { // Generate automated login token addr := hc.RemoteAddr() - hname := strings.Split(addr.String(), ":")[0] + hname := goutmp.GetHost(addr.String()) log.Printf("[Generating autologin token for [%s@%s]]\n", rec.Who(), hname) token := GenAuthToken(string(rec.Who()), string(rec.ConnHost())) tokenCmd := fmt.Sprintf("echo \"%s\" | tee -a ~/.hkexsh_id", token) @@ -527,9 +526,7 @@ func main() { } else if rec.Op()[0] == 'c' { // Non-interactive command addr := hc.RemoteAddr() - //hname := goutmp.GetHost(addr.String()) - hname := strings.Split(addr.String(), ":")[0] - + hname := goutmp.GetHost(addr.String()) log.Printf("[Running command for [%s@%s]]\n", rec.Who(), hname) runErr, cmdStatus := runShellAs(string(rec.Who()), string(rec.TermType()), string(rec.Cmd()), false, hc, chaffEnabled) // Returned hopefully via an EOF or exit/logout; @@ -544,8 +541,7 @@ func main() { } else if rec.Op()[0] == 's' { // Interactive session addr := hc.RemoteAddr() - //hname := goutmp.GetHost(addr.String()) - hname := strings.Split(addr.String(), ":")[0] + hname := goutmp.GetHost(addr.String()) log.Printf("[Running shell for [%s@%s]]\n", rec.Who(), hname) utmpx := goutmp.Put_utmp(string(rec.Who()), hname) @@ -565,7 +561,7 @@ func main() { // File copy (destination) operation - client copy to server log.Printf("[Client->Server copy]\n") addr := hc.RemoteAddr() - hname := strings.Split(addr.String(), ":")[0] + hname := goutmp.GetHost(addr.String()) log.Printf("[Running copy for [%s@%s]]\n", rec.Who(), hname) runErr, cmdStatus := runClientToServerCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled) // Returned hopefully via an EOF or exit/logout; @@ -587,7 +583,7 @@ func main() { // File copy (src) operation - server copy to client log.Printf("[Server->Client copy]\n") addr := hc.RemoteAddr() - hname := strings.Split(addr.String(), ":")[0] + hname := goutmp.GetHost(addr.String()) log.Printf("[Running copy for [%s@%s]]\n", rec.Who(), hname) runErr, cmdStatus := runServerToClientCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled) // Returned hopefully via an EOF or exit/logout;