dissect.target.plugins.apps.ssh.putty
¶
Module Contents¶
Classes¶
Extract artifacts from the PuTTY client. |
Functions¶
Parse host and user from PuTTY hostname component. |
|
Returns OpenSSH format public key calculated from PuTTY SshHostKeys format and set of fingerprints. |
Attributes¶
- dissect.target.plugins.apps.ssh.putty.HAS_CRYPTO = True¶
- dissect.target.plugins.apps.ssh.putty.log¶
- dissect.target.plugins.apps.ssh.putty.PuTTYUserRecordDescriptor¶
- dissect.target.plugins.apps.ssh.putty.PuTTYSessionRecord¶
- class dissect.target.plugins.apps.ssh.putty.PuTTYPlugin(target)¶
Bases:
dissect.target.plugins.apps.ssh.ssh.SSHPlugin
Extract artifacts from the PuTTY client.
Note
Does not parse
$HOME/.putty/randomseed
(GNU/Linux) andHKCU\Software\SimonTatham\PuTTY\RandSeedFile
(Windows)
- Resources:
- __namespace__ = 'putty'¶
- check_compatible() None ¶
Perform a compatibility check with the target.
This function should return
None
if the plugin is compatible with the current target (self.target
). For example, check if a certain file exists. Otherwise it should raise anUnsupportedPluginError
.- Raises:
UnsupportedPluginError – If the plugin could not be loaded.
- known_hosts() Iterator[dissect.target.plugins.apps.ssh.ssh.KnownHostRecord] ¶
Parse PuTTY saved SshHostKeys.
- sessions() Iterator[PuTTYSessionRecord] ¶
Parse PuTTY saved session configuration files.
- dissect.target.plugins.apps.ssh.putty.parse_host_user(host: str, user: str) tuple[str, str] ¶
Parse host and user from PuTTY hostname component.
- dissect.target.plugins.apps.ssh.putty.construct_public_key(key_type: str, iv: str) tuple[str, tuple[str, str, str]] ¶
Returns OpenSSH format public key calculated from PuTTY SshHostKeys format and set of fingerprints.
PuTTY stores raw public key components instead of OpenSSH-formatted public keys or fingerprints. With RSA public keys the exponent and modulus are stored. With ECC keys the x and y prime coordinates are stored together with the curve type.
Currently supports
ssh-ed25519
,ecdsa-sha2-nistp256
andrsa2
key types.NOTE: More key types could be supported in the future.