elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-11-03 18:52:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Server kex/host key parsing failures no longer output a stack trace unless in debug mode.

Browse Source
This commit is contained in:
Joe Testa
2024-09-25 17:34:18 -04:00
parent 67e11f82b3
commit 3b8a75e407
1 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/ssh_audit/hostkeytest.py
View File

@@ -151,7 +151,12 @@ class HostKeyTest:
_, payload = s.read_packet() _, payload = s.read_packet()
SSH2_Kex.parse(out, payload) SSH2_Kex.parse(out, payload)
except Exception: except Exception:
out.v("Failed to parse server's kex. Stack trace:\n%s" % str(traceback.format_exc()), write_now=True) msg = "Failed to parse server's kex."
if not out.debug:
msg += " Re-run in debug mode to see stack trace."
out.v(msg, write_now=True)
out.d("Stack trace:\n%s" % str(traceback.format_exc()), write_now=True)
return return
# Do the initial DH exchange. The server responds back # Do the initial DH exchange. The server responds back
@@ -162,7 +167,12 @@ class HostKeyTest:
kex_reply = kex_group.recv_reply(s) kex_reply = kex_group.recv_reply(s)
raw_hostkey_bytes = kex_reply if kex_reply is not None else b'' raw_hostkey_bytes = kex_reply if kex_reply is not None else b''
except KexDHException: except KexDHException:
out.v("Failed to parse server's host key. Stack trace:\n%s" % str(traceback.format_exc()), write_now=True) msg = "Failed to parse server's host key."
if not out.debug:
msg += " Re-run in debug mode to see stack trace."
out.v(msg, write_now=True)
out.d("Stack trace:\n%s" % str(traceback.format_exc()), write_now=True)
# Since parsing this host key failed, there's nothing more to do but close the socket and move on to the next host key type. # Since parsing this host key failed, there's nothing more to do but close the socket and move on to the next host key type.
s.close() s.close()