elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-07-04 13:14:45 +02:00
Code Issues Packages Projects Releases Wiki Activity
136 Commits 1 Branch 15 Tags 3.1 MiB
ca6cfb81a2
Commit Graph

99 Commits

Author SHA1 Message Date
Andris Raugulis
fabb4b5bb2 Add static typing and refactor code to pass all mypy checks. 
Move Python compatibility types to first lines of code.
Add Python (text/byte) compatibility helper functions.
Check for SSH banner ASCII validity.
 2016-10-19 20:47:13 +03:00
Andris Raugulis
8ca6ec591d Handle the case when received data is in wrong encoding (not utf-8). 2016-10-18 09:45:03 +03:00
Andris Raugulis
6b76e68d0d Fix wrongly introduced Python 3 incompatibility. Fixes #14 and #15. 
Add static type checks via mypy (optional static type checker),
Add relevant tests, which could trigger the issue.
 2016-10-17 20:31:13 +03:00
Andris Raugulis
c9d58bb827 Switch to new development version. 2016-10-14 09:14:07 +03:00
Andris Raugulis
e60d4ff809 Add kex/pkm payload generation. 2016-10-13 17:53:39 +03:00
Andris Raugulis
93b908f890 Fix error output. 2016-10-13 17:53:01 +03:00
Andris Raugulis
f1e8231b67 Make usage's output independent. 2016-10-10 12:42:01 +03:00
Andris Raugulis
84ac5a30ab Decouple AuditConf from Output. 2016-10-07 19:55:31 +03:00
Andris Raugulis
705bedd608 Do not output empty algorithm. 2016-10-06 16:22:09 +03:00
Andris Raugulis
4b456dd01e Return level name, not level itself (make consistent with setter). 2016-10-06 15:18:39 +03:00
Andris Raugulis
301a27ae27 Wrap utils in single class. 2016-10-06 14:36:30 +03:00
Andris Raugulis
76f49d4016 Output unicode not bytes in Python3. 2016-10-06 03:42:43 +03:00
Andris Raugulis
ec0b4704e9 Move Kex to SSH2. 2016-10-06 02:59:15 +03:00
Andris Raugulis
a193059bc9 Lazy CRC32 initialization. 2016-10-05 14:56:36 +03:00
Andris Raugulis
7959c7448a Fix and update write buffer. Add buffer tests. 2016-10-05 06:06:26 +03:00
Andris Raugulis
262c65b7be Fix version comparison and update tests. 2016-10-05 04:09:50 +03:00
Andris Raugulis
407ddbd7ea Cosmetic whitespace fix. 2016-10-05 03:31:03 +03:00
Andris Raugulis
aee949a717 Fix software representation. Add software tests. 2016-10-05 03:27:43 +03:00
Andris Raugulis
489a24c564 Fix banner protocol (1.99) recognition and clean banner comments. Add banner tests. 2016-10-05 03:25:54 +03:00
Andris Raugulis
5269b63e64 Weigh faults to recommend lesser evil. Colorize recommendations. 2016-10-04 11:14:03 +03:00
Andris Raugulis
5de7b913fd Recognize libssh (software, history, compatibility, security, etc). Closes #8. 2016-10-04 10:27:27 +03:00
Andris Raugulis
0c98bc1397 If software is not recognized, output recommendations based on compatibility. 2016-10-03 00:29:28 +03:00
Andris Raugulis
f25e6caa2a Implement algorithm recommendations sections. 2016-09-28 17:03:38 +03:00
Andris Raugulis
29a0bb86fa Refactor algorithm pair/set reuse. 2016-09-28 17:01:37 +03:00
Andris Raugulis
1fda7b2a3e Support simple software output (without patch). 2016-09-28 16:58:58 +03:00
Andris Raugulis
7d5f74810b Back to development version. 2016-09-20 12:36:14 +03:00
Andris Raugulis
e9b9a457dd Release 1.5.0. 2016-09-20 12:26:14 +03:00
Andris Raugulis
4dcf1c91cd Bump version. 2016-09-17 20:37:48 +03:00
Andris Raugulis
3421c8e294 Output fingerprint (defaults to SHA256 format). 2016-09-17 20:37:03 +03:00
Andris Raugulis
684ea315ec Shorten variables. 2016-09-17 20:24:53 +03:00
Andris Raugulis
a70b93862a Output SSH1 host-key algorithm. 2016-09-17 20:21:18 +03:00
Andris Raugulis
b16ef4d040 Add fingerprint support. 2016-09-17 20:15:47 +03:00
Andris Raugulis
5bc31ea70c Implement SSH1 support (cipher, auth, compatibility, texts, etc) #6. 2016-09-17 20:15:21 +03:00
Andris Raugulis
fce491767c Signed mpint. 2016-09-17 19:23:24 +03:00
Andris Raugulis
ddc5ea22f5 Refactor algorithm functions. 2016-09-17 05:38:11 +03:00
Andris Raugulis
adba0ea08a Refactor timeframe and compatibility functions. 2016-09-17 00:58:06 +03:00
Andris Raugulis
11ee9ecd05 Fix output compatibility for ssh client. 2016-09-17 00:35:33 +03:00
Andris Raugulis
a861fe0c8a Since text could be empty or client-only. 2016-09-17 00:30:04 +03:00
Andris Raugulis
f6a6fb98bc Recognize Allegro Software RomSShell. 2016-09-16 16:09:49 +03:00
Andris Raugulis
cb19718568 Add SSH1 and SSH2 forcing options. By default, both are allowed. 2016-09-16 14:55:27 +03:00
Andris Raugulis
9030e71892 Initial SSH1 support (packet reading, SMSG_PUBLIC_KEY, CRC32, etc) #6. 2016-09-15 18:00:09 +03:00
Andris Raugulis
d6980242ba Pyython 2.6 compatible bit length. 2016-09-15 15:55:27 +03:00
Andris Raugulis
285d7280eb Implement mpint1 read/write. Optimize mpint writing. Test mpint1. 2016-09-15 06:09:08 +03:00
Andris Raugulis
089d7d597c Implement mpint2 read/write and tests. Refactor (Read|Write)Buf. 2016-09-14 16:33:38 +03:00
Andris Raugulis
bfa9e6f936 Do not hang when remote host closes connection fast. Fix security output. 2016-09-13 13:17:41 +03:00
Andris Raugulis
e3559a76b8 Differentiate between server and client security issues. Ignore client-side. 2016-09-13 13:01:38 +03:00
Andris Raugulis
4479db966a Implement OpenSSH version comparison. 2016-09-13 12:38:05 +03:00
Andris Raugulis
3aaad8b734 Implement specific Dropbear SSH version comparison (e.g., 0.44 vs 0.44test3). 2016-09-12 19:21:57 +03:00
Andris Raugulis
e8fd70a541 Fix Software __repr__. 2016-09-09 17:43:25 +03:00
Andris Raugulis
b11018bd7d Add other security information. Add remote root exploit for Dropbear SSH. 2016-09-08 20:04:48 +03:00