class SSH1 (View source)

Pure-PHP implementation of SSHv1.

Constants

CIPHER_NONE

No encryption

Not supported.

CIPHER_IDEA

IDEA in CFB mode

Not supported.

CIPHER_DES

DES in CBC mode

CIPHER_3DES

Triple-DES in CBC mode

All implementations are required to support this

CIPHER_BROKEN_TSS

TRI's Simple Stream encryption CBC

Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, does define it (see cipher.h), although it doesn't use it (see cipher.c)

CIPHER_RC4

RC4

Not supported.

CIPHER_BLOWFISH

Blowfish

Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, defines it (see cipher.h) and uses it (see cipher.c)

AUTH_RHOSTS

.rhosts or /etc/hosts.equiv

AUTH_RSA

pure RSA authentication

AUTH_PASSWORD

password authentication

This is the only method that is supported by this library.

AUTH_RHOSTS_RSA

.rhosts with RSA host authentication

TTY_OP_END

RESPONSE_TYPE

The Response Type

RESPONSE_DATA

The Response Data

MASK_CONSTRUCTOR

MASK_CONNECTED

MASK_LOGIN

MASK_SHELL

LOG_SIMPLE

Returns the message numbers

LOG_COMPLEX

Returns the message content

LOG_REALTIME

Outputs the content real-time

LOG_REALTIME_FILE

Dumps the content real-time to a file

READ_SIMPLE

Returns when a string matching $expect exactly is found

READ_REGEX

Returns when a string matching the regular expression $expect is found

Properties

string $identifier The SSH identifier
object $fsock The Socket Object
object $crypto The cryptography object
int $bitmap Execution Bitmap
string $server_key_public_exponent The Server Key Public Exponent
string $server_key_public_modulus The Server Key Public Modulus
string $host_key_public_exponent The Host Key Public Exponent
string $host_key_public_modulus The Host Key Public Modulus
array $supported_ciphers Supported Ciphers
array $supported_authentications Supported Authentications
string $server_identification Server Identification
array $protocol_flags Protocol Flags
array $protocol_flag_log Protocol Flag Log
array $message_log Message Log
resource $realtime_log_file Real-time log file pointer
int $realtime_log_size Real-time log file size
bool $realtime_log_wrap Real-time log file wrap boolean
array $interactiveBuffer Interactive Buffer
$timeout Timeout
$curTimeout Current Timeout
$log_boundary Log Boundary
$log_long_width Log Long Width
$log_short_width Log Short Width
string $host Hostname
int $port Port Number
int $connectionTimeout Timeout for initial connection
int $cipher Default cipher

Methods

__construct(string $host, int $port = 22, int $timeout = 10, int $cipher = self::CIPHER_3DES)

Default Constructor.

bool
_connect()

Connect to an SSHv1 server

bool
login(string $username, string $password = '')

Login

setTimeout(mixed $timeout)

Set Timeout

mixed
exec(string $cmd, bool $block = true)

Executes a command on a non-interactive shell, returns the output, and quits.

bool
_initShell()

Creates an interactive shell

bool
write(string $cmd)

Inputs a command into an interactive shell.

bool
read(string $expect, int $mode = self::READ_SIMPLE)

Returns the output of an interactive shell when there's a match for $expect

bool
interactiveWrite(string $cmd)

Inputs a command into an interactive shell.

string
interactiveRead()

Returns the output of an interactive shell when no more output is available.

disconnect()

Disconnect

__destruct()

Destructor.

_disconnect(string $msg = 'Client Quit')

Disconnect

array
_get_binary_packet()

Gets Binary Packets

bool
_send_binary_packet(string $data)

Sends Binary Packets

int
_crc(string $data)

Cyclic Redundancy Check (CRC)

string
_string_shift(string $string, int $index = 1)

String Shift

BigInteger
_rsa_crypt(BigInteger $m, array $key)

RSA Encrypt

_define_array()

Define Array

array|false|string
getLog()

Returns a log of the packets that have been sent and received.

string
_format_log(array $message_log, array $message_number_log)

Formats a log for printing

string
_format_log_helper(array $matches)

Helper function for _format_log

string
getServerKeyPublicExponent(bool $raw_output = false)

Return the server key public exponent

string
getServerKeyPublicModulus(bool $raw_output = false)

Return the server key public modulus

string
getHostKeyPublicExponent(bool $raw_output = false)

Return the host key public exponent

string
getHostKeyPublicModulus(bool $raw_output = false)

Return the host key public modulus

array
getSupportedCiphers(bool $raw_output = false)

Return a list of ciphers supported by SSH1 server.

array
getSupportedAuthentications(bool $raw_output = false)

Return a list of authentications supported by SSH1 server.

string
getServerIdentification()

Return the server identification.

_append_log(int $protocol_flags, string $message)

Logs data packets

Details

SSH1 __construct(string $host, int $port = 22, int $timeout = 10, int $cipher = self::CIPHER_3DES)

Default Constructor.

Connects to an SSHv1 server

Parameters

string $host
int $port
int $timeout
int $cipher

Return Value

SSH1

bool _connect()

Connect to an SSHv1 server

Return Value

bool

bool login(string $username, string $password = '')

Login

Parameters

string $username
string $password

Return Value

bool

setTimeout(mixed $timeout)

Set Timeout

$ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. Setting $timeout to false or 0 will mean there is no timeout.

Parameters

mixed $timeout

mixed exec(string $cmd, bool $block = true)

Executes a command on a non-interactive shell, returns the output, and quits.

An SSH1 server will close the connection after a command has been executed on a non-interactive shell. SSH2 servers don't, however, this isn't an SSH2 client. The way this works, on the server, is by initiating a shell with the -s option, as discussed in the following links:

{@link http://www.faqs.org/docs/bashman/bashref_65.html http://www.faqs.org/docs/bashman/bashref_65.html} {@link http://www.faqs.org/docs/bashman/bashref_62.html http://www.faqs.org/docs/bashman/bashref_62.html}

To execute further commands, a new \phpseclib\Net\SSH1 object will need to be created.

Returns false on failure and the output, otherwise.

Parameters

string $cmd
bool $block

Return Value

mixed

See also

\self::interactiveRead()
\self::interactiveWrite()

bool _initShell()

Creates an interactive shell

Return Value

bool

See also

\self::interactiveRead()
\self::interactiveWrite()

bool write(string $cmd)

Inputs a command into an interactive shell.

Parameters

string $cmd

Return Value

bool

See also

\self::interactiveWrite()

bool read(string $expect, int $mode = self::READ_SIMPLE)

Returns the output of an interactive shell when there's a match for $expect

$expect can take the form of a string literal or, if $mode == self::READ_REGEX, a regular expression.

Parameters

string $expect
int $mode

Return Value

bool

See also

\self::write()

bool interactiveWrite(string $cmd)

Inputs a command into an interactive shell.

Parameters

string $cmd

Return Value

bool

See also

\self::interactiveRead()

string interactiveRead()

Returns the output of an interactive shell when no more output is available.

Requires PHP 4.3.0 or later due to the use of the stream_select() function. If you see stuff like "^[[00m", you're seeing ANSI escape codes. According to {@link http://support.microsoft.com/kb/101875 How to Enable ANSI.SYS in a Command Window}, "Windows NT does not support ANSI escape sequences in Win32 Console applications", so if you're a Windows user, there's not going to be much recourse.

Return Value

string

See also

\self::interactiveRead()

disconnect()

Disconnect

__destruct()

Destructor.

Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call disconnect().

_disconnect(string $msg = 'Client Quit')

Disconnect

Parameters

string $msg

array _get_binary_packet()

Gets Binary Packets

See 'The Binary Packet Protocol' of protocol-1.5.txt for more info.

Also, this function could be improved upon by adding detection for the following exploit: http://www.securiteam.com/securitynews/5LP042K3FY.html

Return Value

array

See also

\self::_send_binary_packet()

bool _send_binary_packet(string $data)

Sends Binary Packets

Returns true on success, false on failure.

Parameters

string $data

Return Value

bool

See also

\self::_get_binary_packet()

int _crc(string $data)

Cyclic Redundancy Check (CRC)

PHP's crc32 function is implemented slightly differently than the one that SSH v1 uses, so we've reimplemented it. A more detailed discussion of the differences can be found after $crc_lookup_table's initialization.

Parameters

string $data

Return Value

int

See also

\self::_get_binary_packet()
\self::_send_binary_packet()

string _string_shift(string $string, int $index = 1)

String Shift

Inspired by array_shift

Parameters

string $string
int $index

Return Value

string

BigInteger _rsa_crypt(BigInteger $m, array $key)

RSA Encrypt

Returns mod(pow($m, $e), $n), where $n should be the product of two (large) primes $p and $q and where $e should be a number with the property that gcd($e, ($p - 1) * ($q - 1)) == 1. Could just make anything that calls this call modexp, instead, but I think this makes things clearer, maybe...

Parameters

BigInteger $m
array $key

Return Value

BigInteger

See also

\self::__construct()

_define_array()

Define Array

Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of named constants from it, using the value as the name of the constant and the index as the value of the constant. If any of the constants that would be defined already exists, none of the constants will be defined.

array|false|string getLog()

Returns a log of the packets that have been sent and received.

Returns a string if NET_SSH1_LOGGING == self::LOG_COMPLEX, an array if NET_SSH1_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH1_LOGGING')

Return Value

array|false|string

string _format_log(array $message_log, array $message_number_log)

Formats a log for printing

Parameters

array $message_log
array $message_number_log

Return Value

string

string _format_log_helper(array $matches)

Helper function for _format_log

For use with preg_replace_callback()

Parameters

array $matches

Return Value

string

string getServerKeyPublicExponent(bool $raw_output = false)

Return the server key public exponent

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

bool $raw_output

Return Value

string

string getServerKeyPublicModulus(bool $raw_output = false)

Return the server key public modulus

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

bool $raw_output

Return Value

string

string getHostKeyPublicExponent(bool $raw_output = false)

Return the host key public exponent

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

bool $raw_output

Return Value

string

string getHostKeyPublicModulus(bool $raw_output = false)

Return the host key public modulus

Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, the raw bytes. This behavior is similar to PHP's md5() function.

Parameters

bool $raw_output

Return Value

string

array getSupportedCiphers(bool $raw_output = false)

Return a list of ciphers supported by SSH1 server.

Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output is set to true, returns, instead, an array of constants. ie. instead of array('Triple-DES in CBC mode'), you'll get array(self::CIPHER_3DES).

Parameters

bool $raw_output

Return Value

array

array getSupportedAuthentications(bool $raw_output = false)

Return a list of authentications supported by SSH1 server.

Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output is set to true, returns, instead, an array of constants. ie. instead of array('password authentication'), you'll get array(self::AUTH_PASSWORD).

Parameters

bool $raw_output

Return Value

array

string getServerIdentification()

Return the server identification.

Return Value

string

_append_log(int $protocol_flags, string $message)

Logs data packets

Makes sure that only the last 1MB worth of packets will be logged

Parameters

int $protocol_flags
string $message