Smoothed out some rough edges from PR #307.

2025-09-06 11:52:58 +02:00 · 2025-08-17 16:34:32 -04:00
parent 1c0d3d5df1
commit 970d747dcb
5 changed files with 723 additions and 515 deletions
--- a/src/ssh_audit/hardeningguides.py
+++ b/src/ssh_audit/hardeningguides.py
--- a/src/ssh_audit/ssh_audit.py
+++ b/src/ssh_audit/ssh_audit.py
@ -53,7 +53,7 @@ from ssh_audit.gextest import GEXTest
 from ssh_audit.hostkeytest import HostKeyTest
 from ssh_audit.outputbuffer import OutputBuffer
 from ssh_audit.policy import Policy
-from ssh_audit.hardeningguides import PrintHardeningGuides
+from ssh_audit.hardeningguides import Hardening_Guides
 from ssh_audit.product import Product
 from ssh_audit.protocol import Protocol
 from ssh_audit.software import Software
@ -790,13 +790,12 @@ def process_commandline(out: OutputBuffer, args: List[str]) -> 'AuditConf':  # p
    # Add long options to the parser
    parser.add_argument("--conn-rate-test", action="store", dest="conn_rate_test", metavar="N[:max_rate]", type=str, default=None, help="perform a connection rate test (useful for collecting metrics related to susceptibility of the DHEat vuln). Testing is conducted with N concurrent sockets with an optional maximum rate of connections per second")
    parser.add_argument("--dheat", action="store", dest="dheat", metavar="N[:kex[:e_len]]", type=str, default=None, help="continuously perform the DHEat DoS attack (CVE-2002-20001) against the target using N concurrent sockets.  Optionally, a specific key exchange algorithm can be specified instead of allowing it to be automatically chosen.  Additionally, a small length of the fake e value sent to the server can be chosen for a more efficient attack (such as 4).")
+    parser.add_argument("--get-hardening-guide", action="store", metavar="platform", dest="get_hardening_guide", type=str, default=None, help="retrieves the hardening guide for the specified platform name (use --list-hardening-guides to see list of available guides).")
+    parser.add_argument("--list-hardening-guides", action="store_true", dest="list_hardening_guides", default=False, help="list all official, built-in hardening guides for common systems.  Their full names can then be passed to --get-hardening-guide.  Add -v to this option to view hardening guide change logs and prior versions.")
    parser.add_argument("--lookup", action="store", dest="lookup", metavar="alg1[,alg2,...]", type=str, default=None, help="looks up an algorithm(s) without connecting to a server.")
    parser.add_argument("--skip-rate-test", action="store_true", dest="skip_rate_test", default=False, help="skip the connection rate test during standard audits (used to safely infer whether the DHEat attack is viable)")
    parser.add_argument("--threads", action="store", dest="threads", metavar="N", type=int, default=32, help="number of threads to use when scanning multiple targets (-T/--targets) (default: %(default)s)")

-    # Print Suggested Configurations from : https://www.ssh-audit.com/hardening_guides.html
-    parser.add_argument("--get-hardening-guides", nargs="*", action="append", metavar="OS Ver Client/Server", dest="get_hardening_guides", type=str, default=None, help="Print suggested server or client configurations. Usage Example : Ubuntu 2404 Server")
-    parser.add_argument("--list-hardening-guides", action="store_true", dest="list_hardening_guides", default=False, help="List supported server and client configurations.")

    # The mandatory target option.  Or rather, mandatory when -L, -T, --lookup or --print-config are not used.
    parser.add_argument("host", nargs="?", action="store", type=str, default="", help="target hostname or IPv4/IPv6 address")
@ -810,27 +809,6 @@ def process_commandline(out: OutputBuffer, args: List[str]) -> 'AuditConf':  # p
    try:
        argument = parser.parse_args(args=args)

-        if argument.list_hardening_guides is True:
-            PrintHardeningGuides.supported_varient()
-
-        if argument.get_hardening_guides is not None:
-            print_guides = (getattr(argument, 'get_hardening_guides'))[0]
-            arg_len = len(print_guides)
-            if arg_len <= 2:
-                user_arg = ""
-                for i in range(arg_len):
-                    user_arg = user_arg + " " + str(print_guides[i])
-                print(f"\033[1mUnsupported configuration : {user_arg}\033[0m")
-                PrintHardeningGuides.supported_varient()
-            else:
-                print_guides = (getattr(argument, 'get_hardening_guides'))[0]
-                os_type = print_guides[0]
-                os_ver = print_guides[1]
-                clientserver = print_guides[2]
-
-                PrintHardeningGuides(os_type, os_ver, clientserver)
-
-
        # Set simple flags.
        aconf.client_audit = argument.client_audit
        aconf.ipv4 = argument.ipv4
@ -915,8 +893,8 @@ def process_commandline(out: OutputBuffer, args: List[str]) -> 'AuditConf':  # p
        parser.print_help()
        sys.exit(exitcodes.UNKNOWN_ERROR)

-    if argument.host == "" and argument.client_audit is False and argument.targets is None and argument.list_policies is False and argument.lookup is None and argument.manual is False and argument.get_hardening_guides is None:
-        out.fail("target host must be specified, unless -c, -m, -L, -T, --lookup or --print-configuration are used", write_now=True)
+    if argument.host == "" and argument.client_audit is False and argument.targets is None and argument.list_policies is False and argument.lookup is None and argument.manual is False and argument.list_hardening_guides is False and argument.get_hardening_guide is None:
+        out.fail("target host must be specified, unless -c, -m, -L, -T, --lookup or --list-hardening-guides are used", write_now=True)
        sys.exit(exitcodes.UNKNOWN_ERROR)

    if aconf.manual:
@ -929,6 +907,14 @@ def process_commandline(out: OutputBuffer, args: List[str]) -> 'AuditConf':  # p
        list_policies(out, aconf.verbose)
        sys.exit(exitcodes.GOOD)

+    # Print a list of the hardening guides, or the specific guide requested by the user.
+    if argument.list_hardening_guides is True:
+        Hardening_Guides.list_guides(out, aconf.verbose)
+        sys.exit(exitcodes.GOOD)
+    elif argument.get_hardening_guide is not None:
+        Hardening_Guides.print_hardening_guide(out, argument.get_hardening_guide)
+        sys.exit(exitcodes.GOOD)
+
    if aconf.client_audit is False and aconf.target_file is None:
        if oport is not None:
            host = argument.host