admin/markbase
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Attempt to fix exchange hash calculation
Some checks failed
Test / test (push) Has been cancelled
Details
Test / build (push) Has been cancelled
Details

Browse Source 
Attempted fixes:
1. Add \r\n to version strings (reverted - incorrect)
2. Add SSH_MSG_KEXINIT byte to KEXINIT payloads (reverted - payloads already contain it)

Current issue:
- OpenSSH client still rejects SSH_MSG_KEX_ECDH_REPLY
- Client not sending NEWKEYS
- Exchange hash calculation still has subtle differences

Deep analysis completed:
- Analyzed 10 OpenSSH source functions
- Verified mpint encoding, key derivation, MAC calculation all correct
- Still need to find remaining exchange hash component differences
This commit is contained in:
Warren
2026-06-14 16:56:10 +08:00
parent 666391ef86
commit 0403a340c4
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
markbase-core/src/ssh_server/kex_exchange.rs
View File

@@ -197,6 +197,7 @@ impl KexExchangeHandler {
let mut hasher = Sha256::new(); let mut hasher = Sha256::new();
// RFC 4253 Section 7: V_C and V_S are version strings (without \r\n based on testing)
hasher.update(&(client_version.len() as u32).to_be_bytes()); hasher.update(&(client_version.len() as u32).to_be_bytes());
hasher.update(client_version.as_bytes()); hasher.update(client_version.as_bytes());