How to use the ssh-audit.SSH.Protocol function in ssh-audit
To help you get started, we’ve selected a few ssh-audit examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
arthepsy / ssh-audit / ssh-audit.py View on Github 
def send_init(self, s):
# type: (SSH.Socket) -> None
r = random.SystemRandom()
self.__x = r.randrange(2, self.__q)
self.__e = pow(self.__g, self.__x, self.__p)
s.write_byte(SSH.Protocol.MSG_KEXDH_INIT)
s.write_mpint2(self.__e)
s.send_packet()if err is None:
packet_type, payload = s.read_packet(sshv)
if packet_type < 0:
try:
payload_txt = payload.decode('utf-8') if payload else u'empty'
except UnicodeDecodeError:
payload_txt = u'"{0}"'.format(repr(payload).lstrip('b')[1:-1])
if payload_txt == u'Protocol major versions differ.':
if sshv == 2 and aconf.ssh1:
audit(aconf, 1)
return
err = '[exception] error reading packet ({0})'.format(payload_txt)
else:
err_pair = None
if sshv == 1 and packet_type != SSH.Protocol.SMSG_PUBLIC_KEY:
err_pair = ('SMSG_PUBLIC_KEY', SSH.Protocol.SMSG_PUBLIC_KEY)
elif sshv == 2 and packet_type != SSH.Protocol.MSG_KEXINIT:
err_pair = ('MSG_KEXINIT', SSH.Protocol.MSG_KEXINIT)
if err_pair is not None:
fmt = '[exception] did not receive {0} ({1}), ' + \
'instead received unknown message ({2})'
err = fmt.format(err_pair[0], err_pair[1], packet_type)
if err:
output(banner, header)
out.fail(err)
sys.exit(1)
if sshv == 1:
pkm = SSH1.PublicKeyMessage.parse(payload)
output(banner, header, pkm=pkm)
elif sshv == 2:
kex = SSH2.Kex.parse(payload)
output(banner, header, kex=kex)if packet_type < 0:
try:
payload_txt = payload.decode('utf-8') if payload else u'empty'
except UnicodeDecodeError:
payload_txt = u'"{0}"'.format(repr(payload).lstrip('b')[1:-1])
if payload_txt == u'Protocol major versions differ.':
if sshv == 2 and aconf.ssh1:
audit(aconf, 1)
return
err = '[exception] error reading packet ({0})'.format(payload_txt)
else:
err_pair = None
if sshv == 1 and packet_type != SSH.Protocol.SMSG_PUBLIC_KEY:
err_pair = ('SMSG_PUBLIC_KEY', SSH.Protocol.SMSG_PUBLIC_KEY)
elif sshv == 2 and packet_type != SSH.Protocol.MSG_KEXINIT:
err_pair = ('MSG_KEXINIT', SSH.Protocol.MSG_KEXINIT)
if err_pair is not None:
fmt = '[exception] did not receive {0} ({1}), ' + \
'instead received unknown message ({2})'
err = fmt.format(err_pair[0], err_pair[1], packet_type)
if err:
output(banner, header)
out.fail(err)
sys.exit(1)
if sshv == 1:
pkm = SSH1.PublicKeyMessage.parse(payload)
output(banner, header, pkm=pkm)
elif sshv == 2:
kex = SSH2.Kex.parse(payload)
output(banner, header, kex=kex)ssh-audit
An SSH server & client configuration security auditing tool
Package Health Score
79 / 100Popular ssh-audit functions
- ssh-audit.AuditConf.from_cmdline
- ssh-audit.OutputBuffer
- ssh-audit.ReadBuf
- ssh-audit.SSH
- ssh-audit.SSH.Fingerprint
- ssh-audit.SSH.Product
- ssh-audit.SSH.Product.DropbearSSH
- ssh-audit.SSH.Product.LibSSH
- ssh-audit.SSH.Product.OpenSSH
- ssh-audit.SSH.Protocol
- ssh-audit.SSH.Socket
- ssh-audit.SSH.Socket.InsufficientReadException
- ssh-audit.SSH.Software
- ssh-audit.SSH.Software.parse
- ssh-audit.SSH1
- ssh-audit.SSH2.Kex.parse
- ssh-audit.SSH2.KexParty
- ssh-audit.WriteBuf
- ssh-audit.WriteBuf._create_mpint