mirror of
https://github.com/jtesta/ssh-audit.git
Improved JSON output (#185)
parent
79ca4b2d8b
commit
d3dd5a9cac
@ -901,13 +901,35 @@ def process_commandline(out: OutputBuffer, args: List[str], usage_cb: Callable[.
|
|||||||
|
|
||||||
def build_struct(target_host: str, banner: Optional['Banner'], cves: List[Dict[str, Union[str, float]]], kex: Optional['SSH2_Kex'] = None, pkm: Optional['SSH1_PublicKeyMessage'] = None, client_host: Optional[str] = None, software: Optional[Software] = None, algorithms: Optional[Algorithms] = None, algorithm_recommendation_suppress_list: Optional[List[str]] = None) -> Any: # pylint: disable=too-many-arguments
|
def build_struct(target_host: str, banner: Optional['Banner'], cves: List[Dict[str, Union[str, float]]], kex: Optional['SSH2_Kex'] = None, pkm: Optional['SSH1_PublicKeyMessage'] = None, client_host: Optional[str] = None, software: Optional[Software] = None, algorithms: Optional[Algorithms] = None, algorithm_recommendation_suppress_list: Optional[List[str]] = None) -> Any: # pylint: disable=too-many-arguments
|
||||||
|
|
||||||
|
def fetch_notes(algorithm, alg_type) -> dict:
|
||||||
|
alg_db = SSH2_KexDB.ALGORITHMS
|
||||||
|
alg_info = {}
|
||||||
|
if algorithm in alg_db[alg_type]:
|
||||||
|
alg_desc = alg_db[alg_type][algorithm]
|
||||||
|
ldesc = len(alg_desc)
|
||||||
|
for idx, level in enumerate(['fail', 'warn', 'info']):
|
||||||
|
if level == 'info':
|
||||||
|
versions = alg_desc[0]
|
||||||
|
since_text = Algorithm.get_since_text(versions)
|
||||||
|
if since_text is not None and len(since_text) > 0:
|
||||||
|
alg_info['since'] = since_text
|
||||||
|
idx = idx + 1
|
||||||
|
if ldesc > idx:
|
||||||
|
for t in alg_desc[idx]:
|
||||||
|
if t is None:
|
||||||
|
continue
|
||||||
|
alg_info[level] = t
|
||||||
|
else:
|
||||||
|
alg_info['warn'] = 'Unknown Algorithm'
|
||||||
|
return alg_info
|
||||||
|
|
||||||
banner_str = ''
|
banner_str = ''
|
||||||
banner_protocol = None
|
banner_protocol = None
|
||||||
banner_software = None
|
banner_software = None
|
||||||
banner_comments = None
|
banner_comments = None
|
||||||
if banner is not None:
|
if banner is not None:
|
||||||
banner_str = str(banner)
|
banner_str = str(banner)
|
||||||
banner_protocol = banner.protocol
|
banner_protocol = '.'.join(str(x) for x in banner.protocol)
|
||||||
banner_software = banner.software
|
banner_software = banner.software
|
||||||
banner_comments = banner.comments
|
banner_comments = banner.comments
|
||||||
|
|
||||||
@ -932,19 +954,22 @@ def build_struct(target_host: str, banner: Optional['Banner'], cves: List[Dict[s
|
|||||||
res['kex'] = []
|
res['kex'] = []
|
||||||
dh_alg_sizes = kex.dh_modulus_sizes()
|
dh_alg_sizes = kex.dh_modulus_sizes()
|
||||||
for algorithm in kex.kex_algorithms:
|
for algorithm in kex.kex_algorithms:
|
||||||
|
alg_notes = fetch_notes(algorithm, 'kex')
|
||||||
entry: Any = {
|
entry: Any = {
|
||||||
'algorithm': algorithm,
|
'algorithm': algorithm,
|
||||||
|
'notes': alg_notes,
|
||||||
}
|
}
|
||||||
if algorithm in dh_alg_sizes:
|
if algorithm in dh_alg_sizes:
|
||||||
hostkey_size = dh_alg_sizes[algorithm]
|
hostkey_size = dh_alg_sizes[algorithm]
|
||||||
entry['keysize'] = hostkey_size
|
entry['keysize'] = hostkey_size
|
||||||
res['kex'].append(entry)
|
res['kex'].append(entry)
|
||||||
|
|
||||||
res['key'] = []
|
res['key'] = []
|
||||||
host_keys = kex.host_keys()
|
host_keys = kex.host_keys()
|
||||||
for algorithm in kex.key_algorithms:
|
for algorithm in kex.key_algorithms:
|
||||||
|
alg_notes = fetch_notes(algorithm, 'key')
|
||||||
entry = {
|
entry = {
|
||||||
'algorithm': algorithm,
|
'algorithm': algorithm,
|
||||||
|
'notes': alg_notes,
|
||||||
}
|
}
|
||||||
if algorithm in host_keys:
|
if algorithm in host_keys:
|
||||||
hostkey_info = host_keys[algorithm]
|
hostkey_info = host_keys[algorithm]
|
||||||
@ -964,8 +989,24 @@ def build_struct(target_host: str, banner: Optional['Banner'], cves: List[Dict[s
|
|||||||
entry['casize'] = ca_size
|
entry['casize'] = ca_size
|
||||||
res['key'].append(entry)
|
res['key'].append(entry)
|
||||||
|
|
||||||
res['enc'] = kex.server.encryption
|
res['enc'] = []
|
||||||
res['mac'] = kex.server.mac
|
for algorithm in kex.server.encryption:
|
||||||
|
alg_notes = fetch_notes(algorithm, 'enc')
|
||||||
|
entry = {
|
||||||
|
'algorithm': algorithm,
|
||||||
|
'notes': alg_notes,
|
||||||
|
}
|
||||||
|
res['enc'].append(entry)
|
||||||
|
|
||||||
|
res['mac'] = []
|
||||||
|
for algorithm in kex.server.mac:
|
||||||
|
alg_notes = fetch_notes(algorithm, 'mac')
|
||||||
|
entry = {
|
||||||
|
'algorithm': algorithm,
|
||||||
|
'notes': alg_notes,
|
||||||
|
}
|
||||||
|
res['mac'].append(entry)
|
||||||
|
|
||||||
res['fingerprints'] = []
|
res['fingerprints'] = []
|
||||||
host_keys = kex.host_keys()
|
host_keys = kex.host_keys()
|
||||||
|
|
||||||
|
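Review bot: In the added `fetch_notes` helper, the inner loop assigns `alg_info[level] = t` for each entry of `alg_desc[idx]`, so an algorithm with more than one fail or warn reason would report only the last one in its JSON `notes` object. The rendering has lost indentation, so this assumes the assignment sits inside `for t in alg_desc[idx]:`. Anything that parses the JSON to triage weak algorithms would then see an incomplete set of reasons. Collecting them with `alg_info.setdefault(level, []).append(t)` keeps every reason, though each level's value becomes a list, and that schema change should be documented for consumers. The helper would also read more clearly with annotated parameters (`algorithm: str, alg_type: str`) and `enumerate(..., start=1)` in place of rebinding `idx`; `build_struct` itself begins and ends outside the visible hunks.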