SSH: Understanding Algorithm Negotiation -

-

i'm writing ssh honeypot in java personal project. i'm having trouble understanding algorithm negotiation. precise, structure of received data client. here receive, personal annotations:

00 00 07 ac == packet length  08 == padding length  14 ==  ssh_msg_kexinit  6c 31 89 77 eb 54 e1 8b d4 b1 35 08 fd 52 65 6e == cookie  00 00 00 d4 == string length kex algorithms in byte form   00 00 01 67 == string length server host key algorithms in byte form  00 00 00 e9 == string length encryption_algorithms_client_to_server in byte form  00 00 00 e9 == string length encryption_algorithms_server_to_client in byte form  00 00 01 92 == string length mac_algorithms_client_to_server in byte form  00 00 01 92 == string length mac_algorithms_server_to_client in byte form  00 00 00 1a == string length compression_algorithms_client_to_server in byte form  00 00 00 1a == string length compression_algorithms_server_to_client in byte form  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

information negotiation can found here: rfc4253

there 2 things don't understand:

  1. the padding: how calculated? according rfc4253, there should random padding (8 bytes in case). don't see anywhere. moreover, size of packet length + padding length + payload + padding should multiple of 8, isn't case here. (?)

  2. the packet length: if sum after packet length, 0x797. adding 8 byte padding (wherever is), 0x79f. correct in thinking languages client->server , server->client, although not defined, still take 4 byte each? gets me 0x7a7. if add boolean , reserved 4 bytes (see packet structure), 0x7ac. correct? mean trailing zeros have following structure:

    00 00 00 00 == length of string language_client_to_server 00 00 00 00 == length of string language_server_to_client 00 == boolean first_kex_packet_follows 00 00 00 00 == reserved rest: garbage?


Comments

Post a Comment

Popular posts from this blog

Android : Making Listview full screen -

-
<linearlayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" android:layout_height="match_parent" android:orientation="vertical" tools:context=".mainactivity"> <edittext android:layout_margintop="5dp" android:layout_width="match_parent" android:layout_height="50dp" android:background="@drawable/location_edittext" android:id="@+id/locationeditext" android:textsize="15sp" android:textcolor="#999" android:paddingleft="15dp" /> <com.example.ravi_gupta.slider.viewpagercustomduration android:layout_width="wrap_content" android:layout_height="0dp" android:id="@+id/viewpager" android:scrollbarstyle="outsideoverlay" android:layout_weight="0.5&quo
Read more

javascript - Parse JSON from the body of the POST -

-
i'm using cameratag.com record video on website. service can send json response server can save data database. don't know how proceed here: the documentation states please note json repsonse passed in body of post , not form parameters. here example of how parse response in ruby: data = json.parse(request.raw_post) video_uuid = data["uuid"] but don't know how data on javascript. i'm not experienced in js please bare me :) post sample: { "uuid": "00012710-4b65-0131-ffe6-22000a499ea4", "camera_uuid": "98373a20-79ee-0130-3e42-1231390fcc11", "created_at": "2013-12-20t05:25:02.000z", "percent_complete": 100, "short_code": "kktb4q", "metadata": { }, "state": "published", "recorded_from": "http://singwho.com", "publish_type": null, "formats": [ { "name&qu
Read more

javascript - Chrome Extension: Interacting with iframe embedded within popup -

-
i writing chrome extension needs interact urls user not have open. therefore using hidden iframes embedded within popup, , attempting click button within iframe. however, receiving same origin policy error. know possible extension interact iframes of different domain via content scripts when iframe on tab user has open, not sure if possible use content scripts interact iframes directly in popup. here code: manifest.json "content_scripts": [ { "js": [ "bin/jquery.min.js", "interaction.js" ], "all_frames": true, "run_at": "document_start", "matches": [ "http://*/*", "https://*/*" ] }], "permissions": [ "activetab", "tabs", "http://*/", "https://*/" ], interaction.js $(document).ready(function() { $('div#iframes').append("<iframe id='shop' src=
Read more