Git/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-10-30 21:15:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move Kex to SSH2.

Browse Source
This commit is contained in:
Andris Raugulis
2016-10-06 02:59:15 +03:00
parent a193059bc9
commit ec0b4704e9
1 changed files with 84 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
ssh-audit.py
View File

@@ -147,39 +147,89 @@ class OutputBuffer(list):
sys.stdout = self.__stdout sys.stdout = self.__stdout
class SSH2(object):
class KexParty(object): class KexParty(object):
encryption = [] def __init__(self, enc, mac, compression, languages):
mac = [] self.__enc = enc
compression = [] self.__mac = mac
languages = [] self.__compression = compression
self.__languages = languages
@property
def encryption(self):
return self.__enc
@property
def mac(self):
return self.__mac
@property
def compression(self):
return self.__compression
@property
def languages(self):
return self.__languages
class Kex(object): class Kex(object):
cookie = None def __init__(self, cookie, kex_algs, key_algs, cli, srv, follows, unused=0):
kex_algorithms = [] self.__cookie = cookie
key_algorithms = [] self.__kex_algs = kex_algs
server = KexParty() self.__key_algs = key_algs
client = KexParty() self.__client = cli
follows = False self.__server = srv
unused = 0 self.__follows = follows
self.__unused = unused
@property
def cookie(self):
return self.__cookie
@property
def kex_algorithms(self):
return self.__kex_algs
@property
def key_algorithms(self):
return self.__key_algs
# client_to_server
@property
def client(self):
return self.__client
# server_to_client
@property
def server(self):
return self.__server
@property
def follows(self):
return self.__follows
@property
def unused(self):
return self.__unused
@classmethod @classmethod
def parse(cls, payload): def parse(cls, payload):
kex = cls()
buf = ReadBuf(payload) buf = ReadBuf(payload)
kex.cookie = buf.read(16) cookie = buf.read(16)
kex.kex_algorithms = buf.read_list() kex_algs = buf.read_list()
kex.key_algorithms = buf.read_list() key_algs = buf.read_list()
kex.client.encryption = buf.read_list() cli_enc = buf.read_list()
kex.server.encryption = buf.read_list() srv_enc = buf.read_list()
kex.client.mac = buf.read_list() cli_mac = buf.read_list()
kex.server.mac = buf.read_list() srv_mac = buf.read_list()
kex.client.compression = buf.read_list() cli_compression = buf.read_list()
kex.server.compression = buf.read_list() srv_compression = buf.read_list()
kex.client.languages = buf.read_list() cli_languages = buf.read_list()
kex.server.languages = buf.read_list() srv_languages = buf.read_list()
kex.follows = buf.read_bool() follows = buf.read_bool()
kex.unused = buf.read_int() unused = buf.read_int()
cli = SSH2.KexParty(cli_enc, cli_mac, cli_compression, cli_languages)
srv = SSH2.KexParty(srv_enc, srv_mac, srv_compression, srv_languages)
kex = cls(cookie, kex_algs, key_algs, cli, srv, follows, unused)
return kex return kex
@@ -1570,7 +1620,7 @@ def audit(conf, sshv=None):
pkm = SSH1.PublicKeyMessage.parse(payload) pkm = SSH1.PublicKeyMessage.parse(payload)
output(banner, header, pkm=pkm) output(banner, header, pkm=pkm)
elif sshv == 2: elif sshv == 2:
kex = Kex.parse(payload) kex = SSH2.Kex.parse(payload)
output(banner, header, kex=kex) output(banner, header, kex=kex)