Andris Raugulis
|
dfb8c302bf
|
Fix pylint reported attribute-defined-outside-init.
|
2016-10-20 16:46:53 +03:00 |
Andris Raugulis
|
4120377c0b
|
Remove unnecessary argument.
|
2016-10-20 16:41:44 +03:00 |
Andris Raugulis
|
5be64a8ad2
|
Fix pylint reported dangerous-default-value.
|
2016-10-20 16:31:48 +03:00 |
Andris Raugulis
|
67087fb920
|
Fix pylint reported anomalous-backslash-in-string.
|
2016-10-20 16:27:11 +03:00 |
Andris Raugulis
|
fabb4b5bb2
|
Add static typing and refactor code to pass all mypy checks.
Move Python compatibility types to first lines of code.
Add Python (text/byte) compatibility helper functions.
Check for SSH banner ASCII validity.
|
2016-10-19 20:47:13 +03:00 |
Andris Raugulis
|
8ca6ec591d
|
Handle the case when received data is in wrong encoding (not utf-8).
|
2016-10-18 09:45:03 +03:00 |
Andris Raugulis
|
6b76e68d0d
|
Fix wrongly introduced Python 3 incompatibility. Fixes #14 and #15.
Add static type checks via mypy (optional static type checker),
Add relevant tests, which could trigger the issue.
|
2016-10-17 20:31:13 +03:00 |
Andris Raugulis
|
c9d58bb827
|
Switch to new development version.
|
2016-10-14 09:14:07 +03:00 |
Andris Raugulis
|
e60d4ff809
|
Add kex/pkm payload generation.
|
2016-10-13 17:53:39 +03:00 |
Andris Raugulis
|
93b908f890
|
Fix error output.
|
2016-10-13 17:53:01 +03:00 |
Andris Raugulis
|
f1e8231b67
|
Make usage's output independent.
|
2016-10-10 12:42:01 +03:00 |
Andris Raugulis
|
84ac5a30ab
|
Decouple AuditConf from Output.
|
2016-10-07 19:55:31 +03:00 |
Andris Raugulis
|
705bedd608
|
Do not output empty algorithm.
|
2016-10-06 16:22:09 +03:00 |
Andris Raugulis
|
4b456dd01e
|
Return level name, not level itself (make consistent with setter).
|
2016-10-06 15:18:39 +03:00 |
Andris Raugulis
|
301a27ae27
|
Wrap utils in single class.
|
2016-10-06 14:36:30 +03:00 |
Andris Raugulis
|
76f49d4016
|
Output unicode not bytes in Python3.
|
2016-10-06 03:42:43 +03:00 |
Andris Raugulis
|
ec0b4704e9
|
Move Kex to SSH2.
|
2016-10-06 02:59:15 +03:00 |
Andris Raugulis
|
a193059bc9
|
Lazy CRC32 initialization.
|
2016-10-05 14:56:36 +03:00 |
Andris Raugulis
|
7959c7448a
|
Fix and update write buffer. Add buffer tests.
|
2016-10-05 06:06:26 +03:00 |
Andris Raugulis
|
262c65b7be
|
Fix version comparison and update tests.
|
2016-10-05 04:09:50 +03:00 |
Andris Raugulis
|
407ddbd7ea
|
Cosmetic whitespace fix.
|
2016-10-05 03:31:03 +03:00 |
Andris Raugulis
|
aee949a717
|
Fix software representation. Add software tests.
|
2016-10-05 03:27:43 +03:00 |
Andris Raugulis
|
489a24c564
|
Fix banner protocol (1.99) recognition and clean banner comments. Add banner tests.
|
2016-10-05 03:25:54 +03:00 |
Andris Raugulis
|
5269b63e64
|
Weigh faults to recommend lesser evil. Colorize recommendations.
|
2016-10-04 11:14:03 +03:00 |
Andris Raugulis
|
5de7b913fd
|
Recognize libssh (software, history, compatibility, security, etc). Closes #8.
|
2016-10-04 10:27:27 +03:00 |
Andris Raugulis
|
0c98bc1397
|
If software is not recognized, output recommendations based on compatibility.
|
2016-10-03 00:29:28 +03:00 |
Andris Raugulis
|
f25e6caa2a
|
Implement algorithm recommendations sections.
|
2016-09-28 17:03:38 +03:00 |
Andris Raugulis
|
29a0bb86fa
|
Refactor algorithm pair/set reuse.
|
2016-09-28 17:01:37 +03:00 |
Andris Raugulis
|
1fda7b2a3e
|
Support simple software output (without patch).
|
2016-09-28 16:58:58 +03:00 |
Andris Raugulis
|
7d5f74810b
|
Back to development version.
|
2016-09-20 12:36:14 +03:00 |
Andris Raugulis
|
e9b9a457dd
|
Release 1.5.0.
|
2016-09-20 12:26:14 +03:00 |
Andris Raugulis
|
4dcf1c91cd
|
Bump version.
|
2016-09-17 20:37:48 +03:00 |
Andris Raugulis
|
3421c8e294
|
Output fingerprint (defaults to SHA256 format).
|
2016-09-17 20:37:03 +03:00 |
Andris Raugulis
|
684ea315ec
|
Shorten variables.
|
2016-09-17 20:24:53 +03:00 |
Andris Raugulis
|
a70b93862a
|
Output SSH1 host-key algorithm.
|
2016-09-17 20:21:18 +03:00 |
Andris Raugulis
|
b16ef4d040
|
Add fingerprint support.
|
2016-09-17 20:15:47 +03:00 |
Andris Raugulis
|
5bc31ea70c
|
Implement SSH1 support (cipher, auth, compatibility, texts, etc) #6.
|
2016-09-17 20:15:21 +03:00 |
Andris Raugulis
|
fce491767c
|
Signed mpint.
|
2016-09-17 19:23:24 +03:00 |
Andris Raugulis
|
ddc5ea22f5
|
Refactor algorithm functions.
|
2016-09-17 05:38:11 +03:00 |
Andris Raugulis
|
adba0ea08a
|
Refactor timeframe and compatibility functions.
|
2016-09-17 00:58:06 +03:00 |
Andris Raugulis
|
11ee9ecd05
|
Fix output compatibility for ssh client.
|
2016-09-17 00:35:33 +03:00 |
Andris Raugulis
|
a861fe0c8a
|
Since text could be empty or client-only.
|
2016-09-17 00:30:04 +03:00 |
Andris Raugulis
|
f6a6fb98bc
|
Recognize Allegro Software RomSShell.
|
2016-09-16 16:09:49 +03:00 |
Andris Raugulis
|
cb19718568
|
Add SSH1 and SSH2 forcing options. By default, both are allowed.
|
2016-09-16 14:55:27 +03:00 |
Andris Raugulis
|
9030e71892
|
Initial SSH1 support (packet reading, SMSG_PUBLIC_KEY, CRC32, etc) #6.
|
2016-09-15 18:00:09 +03:00 |
Andris Raugulis
|
d6980242ba
|
Pyython 2.6 compatible bit length.
|
2016-09-15 15:55:27 +03:00 |
Andris Raugulis
|
285d7280eb
|
Implement mpint1 read/write. Optimize mpint writing. Test mpint1.
|
2016-09-15 06:09:08 +03:00 |
Andris Raugulis
|
089d7d597c
|
Implement mpint2 read/write and tests. Refactor (Read|Write)Buf.
|
2016-09-14 16:33:38 +03:00 |
Andris Raugulis
|
bfa9e6f936
|
Do not hang when remote host closes connection fast. Fix security output.
|
2016-09-13 13:17:41 +03:00 |
Andris Raugulis
|
e3559a76b8
|
Differentiate between server and client security issues. Ignore client-side.
|
2016-09-13 13:01:38 +03:00 |
Andris Raugulis
|
4479db966a
|
Implement OpenSSH version comparison.
|
2016-09-13 12:38:05 +03:00 |
Andris Raugulis
|
3aaad8b734
|
Implement specific Dropbear SSH version comparison (e.g., 0.44 vs 0.44test3).
|
2016-09-12 19:21:57 +03:00 |
Andris Raugulis
|
e8fd70a541
|
Fix Software __repr__.
|
2016-09-09 17:43:25 +03:00 |
Andris Raugulis
|
b11018bd7d
|
Add other security information. Add remote root exploit for Dropbear SSH.
|
2016-09-08 20:04:48 +03:00 |
Andris Raugulis
|
864b5dae85
|
Bump version.
|
2016-09-08 19:01:17 +03:00 |
Andris Raugulis
|
bdee87c7d3
|
Do not use padding, when outputting in batch mode.
|
2016-09-08 19:00:35 +03:00 |
Andris Raugulis
|
2747907784
|
Consistent output for compression.
|
2016-09-08 18:52:38 +03:00 |
Andris Raugulis
|
243e4db74f
|
Create security section. Add CVE for Dropbear SSH.
|
2016-09-08 18:50:19 +03:00 |
Andris Raugulis
|
13d945d8df
|
Fix: Do not hang, while reading banner.
|
2016-09-08 15:01:57 +03:00 |
Andris Raugulis
|
dbcc0f2c4f
|
Do not repeat strings, use constants. Also, encapsulate MSG constants.
|
2016-09-08 14:55:58 +03:00 |
Andris Raugulis
|
3f6a8eb7ba
|
Specify order for compatibility output.
|
2016-09-08 14:10:39 +03:00 |
Andris Raugulis
|
b8effe1462
|
Better output for OpenSSH patch-level.
|
2016-09-08 14:06:36 +03:00 |
Andris Raugulis
|
6d402819cb
|
Recognize some Windows SSHd servers.
|
2016-09-07 19:40:30 +03:00 |
Andris Raugulis
|
ac64f87327
|
Extract software (Dropbear, OpenSSH, HP iLO, Cisco) and OS (NetBSD, FreeBSD) from banner.
|
2016-09-07 19:26:33 +03:00 |
Andris Raugulis
|
d07d5078cb
|
Do not capture unnecessary regex groups.
|
2016-09-07 19:22:47 +03:00 |
Andris Raugulis
|
c68211b8e7
|
Wait for server banner, before sending client banner (fixes Cisco sshd).
|
2016-09-07 14:32:40 +03:00 |
Andris Raugulis
|
280a37ba20
|
Protocol is numbers.
|
2016-09-07 13:00:53 +03:00 |
Andris Raugulis
|
2ae93b1934
|
Reduce multiple protocol prefixed banner.
|
2016-09-07 12:58:03 +03:00 |
Andris Raugulis
|
673b88b2b1
|
Select the least protocol if banner has double protocol.
|
2016-09-07 12:22:51 +03:00 |
Andris Raugulis
|
19ee986e3d
|
Extract banner and recognize other SSH1 banners (e.g, 1.3-1.5).
|
2016-09-06 18:55:17 +03:00 |
Andris Raugulis
|
f7cd4fd954
|
Better packet parsing error output (e.g., protocol mismatch).
|
2016-09-06 15:25:29 +03:00 |
Andris Raugulis
|
72b0c2e216
|
Document new arguments.
|
2016-09-02 18:08:15 +03:00 |
Andris Raugulis
|
0a5d66fcde
|
Refactor KexDB.
|
2016-09-02 17:56:47 +03:00 |
Andris Raugulis
|
fba6397721
|
Multiple style fixes (protector, veryhigh).
|
2016-09-02 17:22:00 +03:00 |
Andris Raugulis
|
c759e53779
|
Batch implies Verbose.
|
2016-09-02 16:32:32 +03:00 |
Andris Raugulis
|
34ae7d9bec
|
Fix typos.
|
2016-09-02 16:31:16 +03:00 |
Andris Raugulis
|
5189c341f3
|
Implement new features: minimum output level and batch output.
|
2016-09-02 16:25:57 +03:00 |
Andris Raugulis
|
ef8d727356
|
Fix compatibility with Python 2.6. Fixes #3.
|
2016-08-30 15:09:59 +03:00 |
Andris Raugulis
|
eb7cb4a36a
|
Release v1.0.20160812.
|
2016-08-12 16:29:51 +03:00 |
Andris Raugulis
|
d4d8c6a659
|
Parse pre-banner header. Handle sock read/write errors.
|
2016-08-12 16:20:32 +03:00 |
Andris Raugulis
|
07ca434061
|
Fix Dropbear SSH version typo.
|
2016-08-12 04:40:13 +03:00 |
Andris Raugulis
|
744aec76fb
|
Finish implementing compatibility feature.
Fix wrong algorithm warning.
Stop on empty packet.
|
2016-08-12 04:28:46 +03:00 |
Andris Raugulis
|
6df21a9891
|
Implement compatibility checker (based on returned algorithms).
|
2016-08-11 19:40:10 +03:00 |
Andris Raugulis
|
4ba3485664
|
More output refactor.
|
2016-08-11 18:47:27 +03:00 |
Andris Raugulis
|
96da1af9ef
|
Refactor result output.
|
2016-08-11 18:45:14 +03:00 |
Andris Raugulis
|
2c84824378
|
Update version number.
|
2016-08-03 17:35:35 +03:00 |
Andris Raugulis
|
f82c9825d9
|
Add new key-exchange algorithms.
Use OpenSSH 7.3 banner.
|
2016-08-03 17:32:46 +03:00 |
Andris Raugulis
|
5af8859d6b
|
Add initial code for Diffie-Hellman key exchange.
|
2016-04-01 18:37:20 +03:00 |
Andris Raugulis
|
926b78889e
|
Add write buffer, implement ssh packet sending. Use shared block size.
|
2016-04-01 18:30:54 +03:00 |
Andris Raugulis
|
b8201f2550
|
Add re-entrant banner retrieval method.
|
2016-04-01 18:19:18 +03:00 |
Andris Raugulis
|
06992d7da6
|
Refactor ssh connection within class for future improvements.
|
2016-04-01 17:56:06 +03:00 |
Andris Raugulis
|
d834074378
|
Use OpenSSH 7.2 banner.
Add OpenSSH 7.2 warning messages.
Fix OpenSSH 7.0 failure messages.
Add forgotten failure on rijndael-cbc.
Bump version.
|
2016-03-07 12:58:13 +02:00 |
Andris Raugulis
|
6f70e328b2
|
Add warnings for encryption and MAC.
Add none cipher and MAC.
|
2016-01-05 18:02:05 +02:00 |
Andris Raugulis
|
ca9baf80b8
|
Fail on unsafe elliptic curves.
|
2016-01-05 17:01:04 +02:00 |
Andris Raugulis
|
e8fd13e2d8
|
Add warnings for Kex and Ciphers.
|
2016-01-05 16:58:42 +02:00 |
Andris Raugulis
|
9d4625d9a0
|
Version bump.
|
2016-01-05 14:12:03 +02:00 |
Andris Raugulis
|
122588cb00
|
Better compression handling.
|
2016-01-05 14:10:48 +02:00 |
Andris Raugulis
|
c485ffb01e
|
Ensure reading enough data.
|
2016-01-05 14:10:02 +02:00 |
Andris Raugulis
|
716b6acaaa
|
Version bump.
|
2015-12-30 13:09:42 +02:00 |
Andris Raugulis
|
92e6aabcc8
|
Add Dropbear SSH historical information.
|
2015-12-30 13:07:50 +02:00 |
Andris Raugulis
|
f15f7dac23
|
Add support for dropbear sshd:
- send client banner first
- use data read in first chunk (buffer data)
|
2015-12-29 17:28:08 +02:00 |
Andris Raugulis
|
8ac2750cca
|
Remove unused variable.
|
2015-12-23 06:02:20 +02:00 |
Andris Raugulis
|
3fccc44bc7
|
Import source.
|
2015-12-23 05:01:24 +02:00 |