Git/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-11-26 04:21:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Release 1.5.0.

Browse Source
This commit is contained in:
Andris Raugulis 2016-09-20 12:26:14 +03:00
parent 4dcf1c91cd
commit e9b9a457dd
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
README.md
View File

@ -2,17 +2,21 @@
**ssh-audit** is a tool for ssh server auditing. **ssh-audit** is a tool for ssh server auditing.
## Features ## Features
- grab banner, detect ssh1 protocol and zlib compression; - SSH1 and SSH2 protocol server support;
- grab banner, recognize device or software and operating system, detect compression;
- gather key-exchange, host-key, encryption and message authentication code algorithms; - gather key-exchange, host-key, encryption and message authentication code algorithms;
- output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc); - output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
- output security information (related issues, assigned CVE list, etc);
- analyze SSH version compatibility based on algorithm information; - analyze SSH version compatibility based on algorithm information;
- historical information from OpenSSH and Dropbear SSH; - historical information from OpenSSH and Dropbear SSH;
- no dependencies, compatible with python2 and python3; - no dependencies, compatible with Python2 and Python3;
## Usage ## Usage
``` ```
usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]> usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]>
-1, --ssh1 force ssh version 1 only
-2, --ssh2 force ssh version 1 only
-b, --batch batch output -b, --batch batch output
-n, --no-colors disable colors -n, --no-colors disable colors
-v, --verbose verbose output -v, --verbose verbose output
@ -26,6 +30,17 @@ usage: ssh-audit.py [-bnv] [-l <level>] <host[:port]>
![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png) ![screenshot](https://cloud.githubusercontent.com/assets/7356025/17623665/da5281c8-60a9-11e6-9582-13f9971c22e0.png)
## ChangeLog ## ChangeLog
### v1.5.0 (2016-09-20)
- create security section for related security information
- match and output assigned CVE list and security issues for Dropbear SSH
- implement full SSH1 support with fingerprint information
- automatically fallback to SSH1 on protocol mismatch
- add new options to force SSH1 or SSH2 (both allowed by default)
- parse banner information and convert it to specific sofware and OS version
- do not use padding in batch mode
- several fixes (Cisco sshd, rare hangs, error handling, etc)
### v1.0.20160902 ### v1.0.20160902
- implement batch output option - implement batch output option
- implement minimum output level option - implement minimum output level option

2
ssh-audit.py
View File

@ -26,7 +26,7 @@
from __future__ import print_function from __future__ import print_function
import os, io, sys, socket, struct, random, errno, getopt, re, hashlib, base64 import os, io, sys, socket, struct, random, errno, getopt, re, hashlib, base64
VERSION = 'v1.0.20160917' VERSION = 'v1.5.0'
def usage(err=None): def usage(err=None):