Commit Graph

109 Commits

Author SHA1 Message Date
Joe Testa 7f8d6b4d5b Fixed built-in policy formatting and filled in missing host key size information. 2023-04-26 15:47:58 -04:00
Joe Testa 263267c5ad Added support for mixed host key/CA key types (i.e.: RSA host keys signed by ED25519 CAs) (#120). 2023-04-25 09:17:32 -04:00
Joe Testa 4f31304b66 Alphabetized algorithm database. 2023-03-28 12:09:25 -04:00
Joe Testa dc083de87e Added recommendations and CVE information to JSON output (#122). 2023-03-24 18:48:36 -04:00
Joe Testa cc9e4fbc4a Generic failure/warning messages replaced with more specific reasons. SHA-1 algorithms now cause failures. CBC mode ciphers are now warnings instead of failures. 2023-03-23 21:36:02 -04:00
Joe Testa 992aa1b961 Added support for kex GSS wildcards (#143). 2023-03-21 22:17:23 -04:00
Joe Testa 413dea60ae Fixed docker tests affected by previous commit. 2023-03-21 14:58:00 -04:00
Joe Testa 71feaa191e Add note regarding OpenSSH's 2048-bit GEX fallback, and suppress the related recommendation since the user cannot control it (partly related to #168). 2023-03-21 11:44:45 -04:00
Joe Testa 7bbf4cdff0 Fix tox tests. 2023-02-06 18:24:03 -05:00
Joe Testa c9dc9a9c10 Now issues a warning when 2048-bit moduli are encountered. 2023-02-06 16:27:30 -05:00
Joe Testa b9520cbc25 Fixed pylint & flake8 warnings and errors. 2022-10-10 20:40:29 -04:00
Joe Testa c6b8dc97e1 Fixed tests. 2022-02-21 21:48:10 -05:00
tomatohater1337 1f0b3acff2
Complete "target" in the JSON output with the port (#123)
* Complete "target" in JSON output with the port

The JSON output was not showing the port of the target which was scanned. This could be problematic when scanning a host with more than one ssh service running.

* Docker tests completet with the port of the scan target in the JSON output
2021-10-13 23:44:55 -04:00
Joe Testa 07862489c4 Added MD5 fingerprint hashes to verbose output. 2021-05-20 18:03:24 -04:00
Joe Testa 8e9fe20fac SSH_Socket's constructor now takes an OutputBuffer for verbose & debugging output. 2021-03-02 11:25:37 -05:00
Joe Testa b300ad1252 Refactored IPv4/6 preference logic to fix pylint warnings. 2021-02-23 16:05:01 -05:00
Joe Testa 1bbc3feb57 Added OpenSSH 8.5 built-in policy. Added sntrup761x25519-sha512@openssh.com kex. 2021-02-23 16:02:20 -05:00
Joe Testa e0f0956edc Added extra warnings for SSHv1. (#6) 2021-02-02 12:20:37 -05:00
Joe Testa c49a0fb22f Upgraded SHA-1 key signatures from warnings to failures. Added deprecation warning to ssh-rsa-cert-v00@openssh.com, ssh-rsa-cert-v01@openssh.com, x509v3-sign-rsa, and x509v3-ssh-rsa host key types. 2021-02-01 19:19:46 -05:00
Joe Testa 13d15baa2a Added multi-threaded scanning support. 2021-02-01 13:10:06 -05:00
Joe Testa 0d9881966c Added version check for OpenSSH user enumeration (CVE-2018-15473). (#83) 2020-11-05 20:24:09 -05:00
Joe Testa c2da269f06 Added missing tests. 2020-10-21 19:40:22 -04:00
Joe Testa 175bd2cf66 Fixed recommendation output function from suppressing some algorithms inappropriately. 2020-10-20 21:34:34 -04:00
Joe Testa ec48249deb Now reports policy errors in an easier to read format. (#63) 2020-10-20 16:25:39 -04:00
Joe Testa 240b705d61 OpenSSH-portable patch level 1 now considered equivalent to stock OpenBSD version. 2020-10-20 13:17:32 -04:00
Joe Testa 83d8014a50 Fixed OpenSSH patch version comparison. (#74) 2020-10-19 18:49:52 -04:00
Joe Testa 046c866da4 Moved built-in policies from external files to internal database. (#75) 2020-10-19 17:27:37 -04:00
Joe Testa 1a5c0e7fad Split ssh_audit.py into separate files (#47). 2020-10-15 14:34:23 -04:00
Ganden Schaffner b15664929f
Improve PyPI packaging (#71)
* Move files for better setup.py packaging

* Update setup.py and configs for src layout

* Run tests on setup.py build

In effect, this tests that the setup.py configuration is correct.

coverage combine and coverage:paths are added to keep the displayed
coverage paths as src/ssh_audit/*.py instead of
.tox/$envname/**/site-packages/ssh_audit/*.py

* Remove unnecessary encoding declarations

Python 3 defaults to UTF-8 encoding.
https://docs.python.org/3/reference/lexical_analysis.html#encoding-declarations

* Remove shebang from colorama type stubs

Shouldn't need to be an executable.
Related: git has this file tracked as chmod -x.
2020-10-11 14:03:02 -04:00
Joe Testa 632adc076a Policy check output now prints port number, if applicable. 2020-09-27 11:48:15 -04:00
Joe Testa 936acfa37d Added more structure to JSON result when policy errors are found. 2020-07-29 12:36:08 -04:00
Joe Testa 68a420ff00 Added policy support for optional host key types, like certificates and smart card-based types. 2020-07-15 14:32:14 -04:00
Joe Testa b95969bbc0 Policy output now more clearly prints the policy version. 2020-07-14 17:38:15 -04:00
Joe Testa 8fb07edafd Added 'client policy' field in policy files to distinguish server from client policies. 2020-07-14 17:14:47 -04:00
Joe Testa 381ba1a660 Now supports a list of targets with -T (#11). 2020-07-13 18:39:05 -04:00
Jürgen Gmach bf1fbbfa43
Fix RuntimeError for the JSON export (#44)
* Fix RuntimeError for the JSON export

It is never a good idea to modify an iterable while iterating over it.

Copying the iterable fixes #41

modified:   ssh-audit.py

* Add test case for #41

new file:   test/test_build_struct.py

* Fix linting error

modified:   test/test_build_struct.py
2020-07-03 14:56:46 -04:00
Joe Testa 01ec6b0b37 Removed header processing from policy checks, as this did not function the way users would expect. 2020-07-01 13:12:49 -04:00
Joe Testa d5ef967758 Upgraded 1024-bit modulus warning to failure. 2020-06-30 22:51:13 -04:00
Joe Testa dd44e2f010 Added policy checks (#10). 2020-06-30 15:53:50 -04:00
Jürgen Gmach 12f811cb5c
Remove `native text` converter (#38)
* Remove `native text` converter

This was only necessary with Python 2. After Python 2 removal, both
functions `to_ntext` and `to_utext` exactly did the same.

modified:   ssh-audit.py
modified:   test/test_utils.py

* Rename `to_utext` to `to_text`

... as in Python 3 there is only text (and bytes).

modified:   ssh-audit.py
modified:   test/test_utils.py
2020-06-16 22:50:07 -04:00
Jürgen Gmach ec1dda8d7f
Remove some more Python 2 leftovers (#37)
* Remove mypy job for Python 2

modified:   tox.ini

* Remove Python 2 compatibility import

modified:   ssh-audit.py

* Remove compatibility import for BytesIO and StringIO

This is no longer necessary, as support for Python 2 was dropped.

modified:   ssh-audit.py

* Remove `text-type` compatibility layer

... as support for Python 2 was dropped already.

modified:   ssh-audit.py

* Remove `binary-type` compatibility layer

... as support for Python 2 was dropped already.

modified:   ssh-audit.py

* Remove try-except block for typing

... as since Python 3.5 it is included in the standard library.

modified:   ssh-audit.py

* Move typing import to top of module

modified:   ssh-audit.py

* Remove obsolete encoding declaration

modified:   ssh-audit.py

* Apply pyupgrade on ssh-audit.py

pyupgrade is a tool which updates Python code to modern syntax

modified:   ssh-audit.py

* Remove Python 2 compatibility from conftest.py

modified:   test/conftest.py

* Remove Python 2 compatibility from test_auditconf.py

modified:   test/test_auditconf.py

* Remove Python 2 compatibility from test_banner.py

modified:   test/test_banner.py

* Remove Python 2 compatibility from test_buffer.py

modified:   test/test_buffer.py

* Remove Python 2 compatibility from test_errors.py

modified:   test/test_errors.py

* Remove Python 2 compatibility from test_output.py

modified:   test/test_output.py

* Remove Python 2 compatibility from test_resolve.py

modified:   test/test_resolve.py

* Remove Python 2 compatibility from test_socket.py

modified:   test/test_socket.py

* Remove Python 2 compatibility from test_software.py

modified:   test/test_software.py

* Remove Python 2 compatibility from test_ssh_algorithm.py

modified:   test/test_ssh_algorithm.py

* Remove Python 2 compatibility from test_ssh1.py

modified:   test/test_ssh1.py

* Remove Python 2 compatibility from test_ssh2.py

modified:   test/test_ssh2.py

* Remove Python 2 compatibility and Py2 only tests

... from test_utils.py.

modified:   test/test_utils.py

* Remove Python 2 compatibility from test_version_compare.py

modified:   test/test_version_compare.py

* Remove Python 2 job from appveyor config

This was done blindly, as it is unclear whether appveyor runs at all.

modified:   .appveyor.yml
2020-06-15 17:05:31 -04:00
Joe Testa 42fecf83e6 Re-enabled test_ssh2_server_simple. Fixes #33. 2020-06-13 12:22:59 -04:00
Joe Testa 22ac41bfb8 Converted tab indents to spaces. 2020-06-12 21:01:10 -04:00
Jürgen Gmach 246a41d46f
Flake8 fixes (#35)
* Apply Flake8 also on `setup.py`

modified:   tox.ini

* Fix W605 - invalid escape syntax

modified:   packages/setup.py
modified:   tox.ini

* Update comment about Flake8: W504

W503 and W504 are mutual exclusive - so we have to keep one of them.

modified:   tox.ini

* Fix F841 - variable assigned but never used

modified:   ssh-audit.py
modified:   tox.ini

* Fix E741 - ambiguous variable name 'l'

modified:   ssh-audit.py
modified:   tox.ini

* Fix E712 - comparison to False should be 'if cond is False'

... and not 'if conf == False'.

modified:   ssh-audit.py
modified:   tox.ini

* Fix E711 - comparison to None should be 'if cond is not None'

... and not 'if cond != None'.

modified:   ssh-audit.py
modified:   tox.ini

* Fix E305 - expected 2 blank lines

... after class or function definition, found 1.

modified:   ssh-audit.py
modified:   tox.ini

* Fix E303 - too many blank lines

modified:   ssh-audit.py
modified:   tox.ini

* Fix E303 - too many blank lines

modified:   ssh-audit.py
modified:   tox.ini

* Fix E301 - expected 1 blank line, found 0

No code change necessary, probably fixed by another commit.

modified:   tox.ini

* Fix E265 - block comment should start with '# '

There is lots of commented out code, which usually should be just
deleted.

I will keep it for now, as I am not yet very familiar with the code
base.

modified:   ssh-audit.py
modified:   tox.ini

* Fix E261 - at least two spaces before inline comment

modified:   ssh-audit.py
modified:   tox.ini

* Fix E251 - unexpected spaces around keyword / parameter equals

modified:   packages/setup.py
modified:   tox.ini

* Fix E231 - missing whitespace after ','

No code change necessary, probably fixed by previous commit.

modified:   tox.ini

* Fix E226 - missing whitespace around arithmetic operator

modified:   ssh-audit.py
modified:   tox.ini

* Fix W293 - blank line contains whitespace

modified:   ssh-audit.py
modified:   tox.ini

* Fix E221 - multiple spaces before operator

modified:   ssh-audit.py
modified:   tox.ini

* Update comment about Flake 8 E241

Lots of data is formatted as tables, so this warning is disabled for a
good reason.

modified:   tox.ini

* Fix E401 - multiple imports on one line

modified:   ssh-audit.py
modified:   tox.ini

* Do not ignore Flake8 warning F401

... as there were no errors in source code anyway.

modified:   tox.ini

* Fix F821 - undefined name

modified:   ssh-audit.py
modified:   tox.ini

* Reformat ignore section for Flake8

modified:   tox.ini

* Flake8 test suite

modified:   test/conftest.py
modified:   test/test_auditconf.py
modified:   test/test_banner.py
modified:   test/test_buffer.py
modified:   test/test_errors.py
modified:   test/test_output.py
modified:   test/test_resolve.py
modified:   test/test_socket.py
modified:   test/test_software.py
modified:   test/test_ssh1.py
modified:   test/test_ssh2.py
modified:   test/test_ssh_algorithm.py
modified:   test/test_utils.py
modified:   test/test_version_compare.py
modified:   tox.ini
2020-06-09 17:54:07 -04:00
Jürgen Gmach 29d874b450
Fix tox and finally make Travis green (#29)
* Ignore all flake8 warnings - one by one

Without ignoring, there are by far more than 1000 linting issues.

Fixing these warnings means possibly changing almost every line of
code, as single warnings can effect more than one line.

Doing this in one pull request is generally no good idea, and especially
not now, as the test suite is currently broken.

Instead of just deactivating flake8, or ignoring its exit code, the
warnings are ignored one by one.

This means, when one wants to work on the linting issues, one can just
remove one ignored warning, and fix the problems - which is not too much
work at once, and leads to an managable diff.

modified:   tox.ini

* Unpin dependencies for mypy run

... as they could not be installed due to compilation errors.

modified:   tox.ini

* Fix syntax error for mypy

When new code was added via
af663da838
the type hint was moved further down and so caused a syntax error, as
type hints have to follow the function declaration directly.

Now, the the type linter finally works and shows 187 errors.

modified:   ssh-audit.py

* Update .gitignore for mypy

modified:   .gitignore

* Let tox not fail on mypy errors

Currently, there are almost 200 typing related errors.

Instead of letting the tox run fail, the errors are still shown, but
the exit code gets ignored for now.

This way one can fix them one by one - if wanted.

modified:   tox.ini

* Let tox not fail on pylint errors

Currently, there are more than 100 linting related errors.

Most of them will be fixed when flake8 gets fixed.

Instead of letting the tox run fail, the errors are still shown, but the
exit code gets ignored for now.

This way, one can fix them one by one.

modified:   tox.ini

* Let vulture only fail on 100% confidence

Vulture is a tool to find dead code. Unlike Flake8, which also finds
unused imports and variables, Vulture does some guess work and finally
outputs a list of possible dead code with a confidence marker.

Already the first result ...
"ssh-audit.py:48: unused import 'Dict' (90% confidence)"
... is a false-positive.

As Flake8 also does a good job in detecting unused code, it makes not
much sense to let tox fail when vulture fails.

Instead of deactivating vulture, it was configured in a way to only
report results with 100% confidence.

modified:   tox.ini

* Make timeout_set optional

When timeout_set was introduced in
1ec13c653e
the tests were not updated, which instantiated the Socket class.

While the commit message read "A timeout can now be specified", the
code enforced a `timeout_set`.

`timeout_set` now is `False` by default.

modified:   ssh-audit.py

* Set default values for Socket's `ipvo` and `timeout`

Commit
f44663bfc4
introduced two new arguments to the Socket class, but did not update
the tests, which still relied on the socket class to only require two arguments.

While for `ipvo`the default of `None` is obvious, as in `__init__` it is
checked for it, for `timeout` it was not that obvious.

Luckily, in the README a default of 5 (seconds) is mentioned.

modified:   ssh-audit.py

* Un-comment exception handling

While working on commit
fd3a1f7d41
possibly it was forgotten to undo the commenting of the exception
handling for the case, when the Socket class was instantiated with a
missing `host` argument.

This broke the `test_invalid_host` test.

modified:   ssh-audit.py

* Skip `test_ssh2_server_simple` temporarily

After fixing all the other tests and make tox run again, there is one
failing test left, which unfortunately is not super easy to fix without
further research (at least not for me).

I marked `test_ssh2_server_simple` to be skipped in test runs
(temporarily), so at least, when working on new features, there is
working test suite, now.

modified:   test/test_ssh2.py

* Do not pin pytest and coverage version

... but do use pytest < 6, as this version will have a breaking change
with junit/Jenkins integration

Also see https://github.com/jtesta/ssh-audit/issues/34

* Drop unsupported Python versions

... except Python 2.7, as this will need also changes to the source
code, and this pull request is already big enough.

Also, support for Python 3.8 was added.

The Travis configuration was simplified a lot, by leveraging the tox
configuration.

Also, the mac builds have been dropped, as they all took almost an hour
each, they failed and I have no experience on how to fix them.

The `appveyor` build only has been updated to reflect the updated Python
versions, as I have no access to the status page and no experience with
this build environment.

Also, removed call to `coveralls`, which seems to be a leftover from
the old repository.

modified:   .appveyor.yml
modified:   .travis.yml
modified:   packages/setup.py
deleted:    test/tools/ci-linux.sh
modified:   tox.ini
2020-06-08 16:38:22 -04:00
Joe Testa c9a2f2955c Marked host key type 'ssh-rsa' as weak due to practical SHA-1 collisions. 2020-02-08 23:56:54 -05:00
Joe Testa 0263769243 Added JSON output tests to docker testing suite. 2019-11-08 18:40:32 -05:00
Joe Testa e62b548677 Updated info on curve25519-sha256 kex. 2019-10-21 11:50:23 -04:00
Joe Testa fd3a1f7d41 Added client audit functionality. (#3) 2019-09-27 18:14:36 -04:00
Joe Testa 7221413567 Added TinySSH test. 2019-08-27 22:28:24 -04:00