Git
/
ssh-audit
mirror of https://github.com/jtesta/ssh-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
137 Commits 1 Branch 15 Tags 5.2 MiB
Commit Graph

99 Commits

Author SHA1 Message Date
Andris Raugulis fabb4b5bb2 Add static typing and refactor code to pass all mypy checks. 
Move Python compatibility types to first lines of code.
Add Python (text/byte) compatibility helper functions.
Check for SSH banner ASCII validity.
 2016-10-19 20:47:13 +03:00
Andris Raugulis 8ca6ec591d Handle the case when received data is in wrong encoding (not utf-8). 2016-10-18 09:45:03 +03:00
Andris Raugulis 6b76e68d0d Fix wrongly introduced Python 3 incompatibility. Fixes #14 and #15. 
Add static type checks via mypy (optional static type checker),
Add relevant tests, which could trigger the issue.
 2016-10-17 20:31:13 +03:00
Andris Raugulis c9d58bb827 Switch to new development version. 2016-10-14 09:14:07 +03:00
Andris Raugulis e60d4ff809 Add kex/pkm payload generation. 2016-10-13 17:53:39 +03:00
Andris Raugulis 93b908f890 Fix error output. 2016-10-13 17:53:01 +03:00
Andris Raugulis f1e8231b67 Make usage's output independent. 2016-10-10 12:42:01 +03:00
Andris Raugulis 84ac5a30ab Decouple AuditConf from Output. 2016-10-07 19:55:31 +03:00
Andris Raugulis 705bedd608 Do not output empty algorithm. 2016-10-06 16:22:09 +03:00
Andris Raugulis 4b456dd01e Return level name, not level itself (make consistent with setter). 2016-10-06 15:18:39 +03:00
Andris Raugulis 301a27ae27 Wrap utils in single class. 2016-10-06 14:36:30 +03:00
Andris Raugulis 76f49d4016 Output unicode not bytes in Python3. 2016-10-06 03:42:43 +03:00
Andris Raugulis ec0b4704e9 Move Kex to SSH2. 2016-10-06 02:59:15 +03:00
Andris Raugulis a193059bc9 Lazy CRC32 initialization. 2016-10-05 14:56:36 +03:00
Andris Raugulis 7959c7448a Fix and update write buffer. Add buffer tests. 2016-10-05 06:06:26 +03:00
Andris Raugulis 262c65b7be Fix version comparison and update tests. 2016-10-05 04:09:50 +03:00
Andris Raugulis 407ddbd7ea Cosmetic whitespace fix. 2016-10-05 03:31:03 +03:00
Andris Raugulis aee949a717 Fix software representation. Add software tests. 2016-10-05 03:27:43 +03:00
Andris Raugulis 489a24c564 Fix banner protocol (1.99) recognition and clean banner comments. Add banner tests. 2016-10-05 03:25:54 +03:00
Andris Raugulis 5269b63e64 Weigh faults to recommend lesser evil. Colorize recommendations. 2016-10-04 11:14:03 +03:00
Andris Raugulis 5de7b913fd Recognize libssh (software, history, compatibility, security, etc). Closes #8. 2016-10-04 10:27:27 +03:00
Andris Raugulis 0c98bc1397 If software is not recognized, output recommendations based on compatibility. 2016-10-03 00:29:28 +03:00
Andris Raugulis f25e6caa2a Implement algorithm recommendations sections. 2016-09-28 17:03:38 +03:00
Andris Raugulis 29a0bb86fa Refactor algorithm pair/set reuse. 2016-09-28 17:01:37 +03:00
Andris Raugulis 1fda7b2a3e Support simple software output (without patch). 2016-09-28 16:58:58 +03:00
Andris Raugulis 7d5f74810b Back to development version. 2016-09-20 12:36:14 +03:00
Andris Raugulis e9b9a457dd Release 1.5.0. 2016-09-20 12:26:14 +03:00
Andris Raugulis 4dcf1c91cd Bump version. 2016-09-17 20:37:48 +03:00
Andris Raugulis 3421c8e294 Output fingerprint (defaults to SHA256 format). 2016-09-17 20:37:03 +03:00
Andris Raugulis 684ea315ec Shorten variables. 2016-09-17 20:24:53 +03:00
Andris Raugulis a70b93862a Output SSH1 host-key algorithm. 2016-09-17 20:21:18 +03:00
Andris Raugulis b16ef4d040 Add fingerprint support. 2016-09-17 20:15:47 +03:00
Andris Raugulis 5bc31ea70c Implement SSH1 support (cipher, auth, compatibility, texts, etc) #6. 2016-09-17 20:15:21 +03:00
Andris Raugulis fce491767c Signed mpint. 2016-09-17 19:23:24 +03:00
Andris Raugulis ddc5ea22f5 Refactor algorithm functions. 2016-09-17 05:38:11 +03:00
Andris Raugulis adba0ea08a Refactor timeframe and compatibility functions. 2016-09-17 00:58:06 +03:00
Andris Raugulis 11ee9ecd05 Fix output compatibility for ssh client. 2016-09-17 00:35:33 +03:00
Andris Raugulis a861fe0c8a Since text could be empty or client-only. 2016-09-17 00:30:04 +03:00
Andris Raugulis f6a6fb98bc Recognize Allegro Software RomSShell. 2016-09-16 16:09:49 +03:00
Andris Raugulis cb19718568 Add SSH1 and SSH2 forcing options. By default, both are allowed. 2016-09-16 14:55:27 +03:00
Andris Raugulis 9030e71892 Initial SSH1 support (packet reading, SMSG_PUBLIC_KEY, CRC32, etc) #6. 2016-09-15 18:00:09 +03:00
Andris Raugulis d6980242ba Pyython 2.6 compatible bit length. 2016-09-15 15:55:27 +03:00
Andris Raugulis 285d7280eb Implement mpint1 read/write. Optimize mpint writing. Test mpint1. 2016-09-15 06:09:08 +03:00
Andris Raugulis 089d7d597c Implement mpint2 read/write and tests. Refactor (Read|Write)Buf. 2016-09-14 16:33:38 +03:00
Andris Raugulis bfa9e6f936 Do not hang when remote host closes connection fast. Fix security output. 2016-09-13 13:17:41 +03:00
Andris Raugulis e3559a76b8 Differentiate between server and client security issues. Ignore client-side. 2016-09-13 13:01:38 +03:00
Andris Raugulis 4479db966a Implement OpenSSH version comparison. 2016-09-13 12:38:05 +03:00
Andris Raugulis 3aaad8b734 Implement specific Dropbear SSH version comparison (e.g., 0.44 vs 0.44test3). 2016-09-12 19:21:57 +03:00
Andris Raugulis e8fd70a541 Fix Software __repr__. 2016-09-09 17:43:25 +03:00
Andris Raugulis b11018bd7d Add other security information. Add remote root exploit for Dropbear SSH. 2016-09-08 20:04:48 +03:00