mirror.MikroTik/casterbyte.Sara
1
0
Fork 0
mirror of https://github.com/casterbyte/Sara.git synced 2025-07-16 17:44:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add support for ssh keys passphrases

Browse source 
This commit adds the support for using keyphrases to unlock the ssh key content introducted in 4ae35cff38
This commit is contained in:
Matthieu Pignolet 2025-05-25 11:23:49 +04:00
parent 4ae35cff38
commit ee46c0736f
No known key found for this signature in database
GPG key ID: 892400B3FD4E40FB
1 changed files with 16 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

19
sara.py
View file

@ -44,7 +44,7 @@ def banner():
print() print()
# Establish SSH connection to the RouterOS device using Netmiko # Establish SSH connection to the RouterOS device using Netmiko
def connect_to_router(ip, username, password, port, key_file): def connect_to_router(ip, username, password, port, key_file, passphrase):
device = { device = {
"device_type": "mikrotik_routeros", "device_type": "mikrotik_routeros",
"host": ip, "host": ip,
@ -52,6 +52,7 @@ def connect_to_router(ip, username, password, port, key_file):
"password": password, "password": password,
"port": port, "port": port,
"key_file": key_file, "key_file": key_file,
"passphrase": passphrase,
} }
try: try:
print(Fore.GREEN + Style.BRIGHT + f"[*] Connecting to RouterOS at {ip}:{port}") print(Fore.GREEN + Style.BRIGHT + f"[*] Connecting to RouterOS at {ip}:{port}")
@ -743,6 +744,7 @@ def main():
parser.add_argument("--username", help="SSH username (RO account can be used)") parser.add_argument("--username", help="SSH username (RO account can be used)")
parser.add_argument("--password", help="SSH password") parser.add_argument("--password", help="SSH password")
parser.add_argument("--ssh-key", help="SSH key") parser.add_argument("--ssh-key", help="SSH key")
parser.add_argument("--passphrase", help="SSH key passphrase")
parser.add_argument("--port", type=int, default=22, help="SSH port (default: 22)") parser.add_argument("--port", type=int, default=22, help="SSH port (default: 22)")
args = parser.parse_args() args = parser.parse_args()
@ -764,7 +766,12 @@ def main():
print(Fore.YELLOW + Style.BRIGHT + "[!] ERROR: Can't use both password & ssh_key authentication") print(Fore.YELLOW + Style.BRIGHT + "[!] ERROR: Can't use both password & ssh_key authentication")
print(Fore.YELLOW + "[!] Use 'sara --help' for more information") print(Fore.YELLOW + "[!] Use 'sara --help' for more information")
sys.exit(1) sys.exit(1)
if args.passphrase and not args.ssh_key:
print(Fore.YELLOW + Style.BRIGHT + "[!] ERROR: The passphrase argument can't be used when not specifying a ssh_key")
print(Fore.YELLOW + "[!] Use 'sara --help' for more information")
sys.exit(1)
confirm_legal_usage() confirm_legal_usage()
@ -772,7 +779,13 @@ def main():
start_time = time.time() start_time = time.time()
# Connecting to the router # Connecting to the router
connection = connect_to_router(args.ip, args.username, args.password, args.port, args.ssh_key) connection = connect_to_router(args.ip,
args.username,
args.password,
args.port,
args.ssh_key,
args.passphrase
)
# Execute all implemented security checks in sequence # Execute all implemented security checks in sequence
check_routeros_version(connection) check_routeros_version(connection)