mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-11-24 19:41:40 +01:00
Policy check output now prints port number, if applicable.
This commit is contained in:
parent
13b065b316
commit
632adc076a
31
ssh-audit.py
31
ssh-audit.py
@ -44,7 +44,7 @@ import traceback
|
|||||||
from typing import Dict, List, Set, Sequence, Tuple, Iterable
|
from typing import Dict, List, Set, Sequence, Tuple, Iterable
|
||||||
from typing import Callable, Optional, Union, Any
|
from typing import Callable, Optional, Union, Any
|
||||||
|
|
||||||
VERSION = 'v2.2.1-dev'
|
VERSION = 'v2.3.0'
|
||||||
SSH_HEADER = 'SSH-{0}-OpenSSH_8.2' # SSH software to impersonate
|
SSH_HEADER = 'SSH-{0}-OpenSSH_8.2' # SSH software to impersonate
|
||||||
GITHUB_ISSUES_URL = 'https://github.com/jtesta/ssh-audit/issues' # The URL to the Github issues tracker.
|
GITHUB_ISSUES_URL = 'https://github.com/jtesta/ssh-audit/issues' # The URL to the Github issues tracker.
|
||||||
|
|
||||||
@ -3292,13 +3292,7 @@ def output(aconf: AuditConf, banner: Optional[SSH.Banner], header: List[str], cl
|
|||||||
if aconf.port != 22:
|
if aconf.port != 22:
|
||||||
|
|
||||||
# Check if this is an IPv6 address, as that is printed in a different format.
|
# Check if this is an IPv6 address, as that is printed in a different format.
|
||||||
is_ipv6 = True
|
if Utils.is_ipv6_address(aconf.host):
|
||||||
try:
|
|
||||||
ipaddress.IPv6Address(aconf.host)
|
|
||||||
except ipaddress.AddressValueError:
|
|
||||||
is_ipv6 = False
|
|
||||||
|
|
||||||
if is_ipv6:
|
|
||||||
host = '[%s]:%d' % (aconf.host, aconf.port)
|
host = '[%s]:%d' % (aconf.host, aconf.port)
|
||||||
else:
|
else:
|
||||||
host = '%s:%d' % (aconf.host, aconf.port)
|
host = '%s:%d' % (aconf.host, aconf.port)
|
||||||
@ -3383,7 +3377,15 @@ def evaluate_policy(aconf: AuditConf, banner: Optional['SSH.Banner'], client_hos
|
|||||||
print("Client IP: %s" % client_host)
|
print("Client IP: %s" % client_host)
|
||||||
spacing = " " # So the fields below line up with 'Client IP: '.
|
spacing = " " # So the fields below line up with 'Client IP: '.
|
||||||
else:
|
else:
|
||||||
print("Host: %s" % aconf.host)
|
host = aconf.host
|
||||||
|
if aconf.port != 22:
|
||||||
|
# Check if this is an IPv6 address, as that is printed in a different format.
|
||||||
|
if Utils.is_ipv6_address(aconf.host):
|
||||||
|
host = '[%s]:%d' % (aconf.host, aconf.port)
|
||||||
|
else:
|
||||||
|
host = '%s:%d' % (aconf.host, aconf.port)
|
||||||
|
|
||||||
|
print("Host: %s" % host)
|
||||||
print("Policy: %s%s" % (spacing, aconf.policy.get_name_and_version()))
|
print("Policy: %s%s" % (spacing, aconf.policy.get_name_and_version()))
|
||||||
print("Result: %s" % spacing, end='')
|
print("Result: %s" % spacing, end='')
|
||||||
if passed:
|
if passed:
|
||||||
@ -3590,6 +3592,17 @@ class Utils:
|
|||||||
|
|
||||||
return host, port
|
return host, port
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def is_ipv6_address(address: str) -> bool:
|
||||||
|
'''Returns True if address is an IPv6 address, otherwise False.'''
|
||||||
|
is_ipv6 = True
|
||||||
|
try:
|
||||||
|
ipaddress.IPv6Address(address)
|
||||||
|
except ipaddress.AddressValueError:
|
||||||
|
is_ipv6 = False
|
||||||
|
|
||||||
|
return is_ipv6
|
||||||
|
|
||||||
|
|
||||||
def build_struct(banner: Optional['SSH.Banner'], kex: Optional['SSH2.Kex'] = None, pkm: Optional['SSH1.PublicKeyMessage'] = None, client_host: Optional[str] = None) -> Any:
|
def build_struct(banner: Optional['SSH.Banner'], kex: Optional['SSH2.Kex'] = None, pkm: Optional['SSH1.PublicKeyMessage'] = None, client_host: Optional[str] = None) -> Any:
|
||||||
|
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test1 (version 1)
|
Policy: Docker policy: test1 (version 1)
|
||||||
Result: [0;32m✔ Passed[0m
|
Result: [0;32m✔ Passed[0m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker poliicy: test10 (version 1)
|
Policy: Docker poliicy: test10 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test2 (version 1)
|
Policy: Docker policy: test2 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test3 (version 1)
|
Policy: Docker policy: test3 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test4 (version 1)
|
Policy: Docker policy: test4 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test5 (version 1)
|
Policy: Docker policy: test5 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker poliicy: test7 (version 1)
|
Policy: Docker poliicy: test7 (version 1)
|
||||||
Result: [0;32m✔ Passed[0m
|
Result: [0;32m✔ Passed[0m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker poliicy: test8 (version 1)
|
Policy: Docker poliicy: test8 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker poliicy: test9 (version 1)
|
Policy: Docker poliicy: test9 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test11 (version 1)
|
Policy: Docker policy: test11 (version 1)
|
||||||
Result: [0;32m✔ Passed[0m
|
Result: [0;32m✔ Passed[0m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test12 (version 1)
|
Policy: Docker policy: test12 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test13 (version 1)
|
Policy: Docker policy: test13 (version 1)
|
||||||
Result: [0;32m✔ Passed[0m
|
Result: [0;32m✔ Passed[0m
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test14 (version 1)
|
Policy: Docker policy: test14 (version 1)
|
||||||
Result: [0;31m❌ Failed![0m
|
Result: [0;31m❌ Failed![0m
|
||||||
[0;33m
|
[0;33m
|
||||||
|
@ -1,3 +1,3 @@
|
|||||||
Host: localhost
|
Host: localhost:2222
|
||||||
Policy: Docker policy: test6 (version 1)
|
Policy: Docker policy: test6 (version 1)
|
||||||
Result: [0;32m✔ Passed[0m
|
Result: [0;32m✔ Passed[0m
|
||||||
|
Loading…
Reference in New Issue
Block a user