arthepsy / ssh-audit

SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
MIT License
2.96k stars 268 forks source link

Feature: add security section (e.g, related CVE's) #4

Open arthepsy opened 8 years ago

arthepsy commented 8 years ago
blindfuzzy commented 8 years ago

Might be possible to use searchsploit for the CVE stuff. I use it here: https://github.com/blindfuzzy/LHF/blob/master/Modules/recon.py ; works out pretty well.

arthepsy commented 8 years ago

Good tip, @blindfuzzy . As I don't want to rely on external modules/scripts/dependencies, I could use this for double-checking (as existing database). Also, maybe I could add it as optional dependency. Will have to research how useful it is when I'm done with historical CVE's.

P.S. LHF looks interesting.

blindfuzzy commented 8 years ago

I understand. Thanks :D Hoping to continue making it better.

arthepsy commented 8 years ago

Dropbear SSH CVE's: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=dropbear Correspond exactly to ChangeLog: https://matt.ucc.asn.au/dropbear/CHANGES

cve-search is missing CVE-2006-0225 (probably, due to being attributed to OpenSSH).

arthepsy commented 8 years ago

Security sections for Dropbear SSH (already released) and libssh are done (release next week). Only OpenSSH is left as TODO.

egberts commented 2 years ago

Perhaps a simple output of encountered SSH versions can be written to a file for a second script tool to interactively read then consult via-API to retrieve CVE?