mirror of https://github.com/jtesta/ssh-audit.git
Release 1.5.0.
This commit is contained in:
parent
4dcf1c91cd
commit
e9b9a457dd
19
README.md
19
README.md
|
@ -2,17 +2,21 @@
|
||||||
**ssh-audit** is a tool for ssh server auditing.
|
**ssh-audit** is a tool for ssh server auditing.
|
||||||
|
|
||||||
## Features
|
## Features
|
||||||
- grab banner, detect ssh1 protocol and zlib compression;
|
- SSH1 and SSH2 protocol server support;
|
||||||
|
- grab banner, recognize device or software and operating system, detect compression;
|
||||||
- gather key-exchange, host-key, encryption and message authentication code algorithms;
|
- gather key-exchange, host-key, encryption and message authentication code algorithms;
|
||||||
- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
|
- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
|
||||||
|
- output security information (related issues, assigned CVE list, etc);
|
||||||
- analyze SSH version compatibility based on algorithm information;
|
- analyze SSH version compatibility based on algorithm information;
|
||||||
- historical information from OpenSSH and Dropbear SSH;
|
- historical information from OpenSSH and Dropbear SSH;
|
||||||
- no dependencies, compatible with python2 and python3;
|
- no dependencies, compatible with Python2 and Python3;
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
```
|
```
|
||||||
usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]>
|
usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]>
|
||||||
|
|
||||||
|
-1, --ssh1 force ssh version 1 only
|
||||||
|
-2, --ssh2 force ssh version 1 only
|
||||||
-b, --batch batch output
|
-b, --batch batch output
|
||||||
-n, --no-colors disable colors
|
-n, --no-colors disable colors
|
||||||
-v, --verbose verbose output
|
-v, --verbose verbose output
|
||||||
|
@ -26,6 +30,17 @@ usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]>
|
||||||
![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png)
|
![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png)
|
||||||
|
|
||||||
## ChangeLog
|
## ChangeLog
|
||||||
|
|
||||||
|
### v1.5.0 (2016-09-20)
|
||||||
|
- create security section for related security information
|
||||||
|
- match and output assigned CVE list and security issues for Dropbear SSH
|
||||||
|
- implement full SSH1 support with fingerprint information
|
||||||
|
- automatically fallback to SSH1 on protocol mismatch
|
||||||
|
- add new options to force SSH1 or SSH2 (both allowed by default)
|
||||||
|
- parse banner information and convert it to specific sofware and OS version
|
||||||
|
- do not use padding in batch mode
|
||||||
|
- several fixes (Cisco sshd, rare hangs, error handling, etc)
|
||||||
|
|
||||||
### v1.0.20160902
|
### v1.0.20160902
|
||||||
- implement batch output option
|
- implement batch output option
|
||||||
- implement minimum output level option
|
- implement minimum output level option
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
from __future__ import print_function
|
from __future__ import print_function
|
||||||
import os, io, sys, socket, struct, random, errno, getopt, re, hashlib, base64
|
import os, io, sys, socket, struct, random, errno, getopt, re, hashlib, base64
|
||||||
|
|
||||||
VERSION = 'v1.0.20160917'
|
VERSION = 'v1.5.0'
|
||||||
|
|
||||||
|
|
||||||
def usage(err=None):
|
def usage(err=None):
|
||||||
|
|
Loading…
Reference in New Issue