Nmap ssh2-enum-algos NSE Script


This page contains detailed information about how to use the ssh2-enum-algos NSE script. For list of all NSE scripts, visit the Nmap NSE Library.

Script Overview

Script source code: https://github.com/nmap/nmap/tree/master/scripts/ssh2-enum-algos.nse
Script categories: safe, discovery
Target service / protocol: ssh
Target network port(s): 22
List of CVEs: -

Script Description

The ssh2-enum-algos.nse script reports the number of algorithms (for encryption, compression, etc.) that the target SSH2 server offers. If verbosity is set, the offered algorithms are each listed by type.

If the "client to server" and "server to client" algorithm lists are identical (order specifies preference) then the list is shown only once under a combined type.

Ssh2-enum-algos NSE Script Arguments

The ssh2-enum-algos.nse script does not have any arguments.

Ssh2-enum-algos NSE Script Example Usage

Here's an example of how to use the ssh2-enum-algos.nse script:

nmap --script ssh2-enum-algos target

Ssh2-enum-algos NSE Script Example Output

Here's a sample output from the ssh2-enum-algos.nse script:

PORT   STATE SERVICE
22/tcp open  ssh
| ssh2-enum-algos:
|   kex_algorithms (4)
|       diffie-hellman-group-exchange-sha256
|       diffie-hellman-group-exchange-sha1
|       diffie-hellman-group14-sha1
|       diffie-hellman-group1-sha1
|   server_host_key_algorithms (2)
|       ssh-rsa
|       ssh-dss
|   encryption_algorithms (13)
|       aes128-ctr
|       aes192-ctr
|       aes256-ctr
|       arcfour256
|       arcfour128
|       aes128-cbc
|       3des-cbc
|       blowfish-cbc
|       cast128-cbc
|       aes192-cbc
|       aes256-cbc
|       arcfour
|       [email protected]
|   mac_algorithms (6)
|       hmac-md5
|       hmac-sha1
|       hmac-ripemd160
|       [email protected]
|       hmac-sha1-96
|       hmac-md5-96
|   compression_algorithms (2)
|       none
|_      [email protected]

Ssh2-enum-algos NSE Script Example XML Output

Here's a sample XML output from the ssh2-enum-algos.nse script produced by providing the -oX <file> Nmap option:

 <table key="kex_algorithms">
   <elem>ecdh-sha2-nistp256</elem>
   <elem>ecdh-sha2-nistp384</elem>
   <elem>ecdh-sha2-nistp521</elem>
   <elem>diffie-hellman-group-exchange-sha256</elem>
   <elem>diffie-hellman-group-exchange-sha1</elem>
   <elem>diffie-hellman-group14-sha1</elem>
   <elem>diffie-hellman-group1-sha1</elem>
 </table>
 <table key="server_host_key_algorithms">
   <elem>ssh-rsa</elem>
   <elem>ecdsa-sha2-nistp256</elem>
 </table>
 <table key="encryption_algorithms">
   <elem>aes128-ctr</elem>
   <elem>aes192-ctr</elem>
   <elem>aes256-ctr</elem>
   <elem>aes128-cbc</elem>
   <elem>3des-cbc</elem>
   <elem>blowfish-cbc</elem>
   <elem>cast128-cbc</elem>
   <elem>aes192-cbc</elem>
   <elem>aes256-cbc</elem>
 </table>
 <table key="mac_algorithms">
   <elem>hmac-sha1</elem>
   <elem>[email protected]</elem>
   <elem>hmac-ripemd160</elem>
   <elem>hmac-sha2-256</elem>
   <elem>hmac-sha2-512</elem>
 </table>
 <table key="compression_algorithms">
   <elem>none</elem>
   <elem>[email protected]</elem>
 </table>

Author

  • Kris Katterjohn

References

See Also

Visit Nmap NSE Library for more scripts.

Version

This page has been created based on Nmap version 7.92.