search

jtesta / ssh-audit

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
MIT License
3.44k stars 179 forks source link

possible to have output file option #308

Closed ITmustang closed 4 days ago

ITmustang commented 5 days ago

tool has option to provide in input file with hosts and port. i dont see any option or is there an option or can there be an option to put results into a results.txt file that if you have multiple IP addresses, it outputs similar to this and puts each IP at top of section.. Thanks!

10.10.10.1-------------------------------------------------------------------------------- key exchange algorithms (kex) ecdh-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency (kex) ecdh-sha2-nistp384 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency (kex) ecdh-sha2-nistp521 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency host-key algorithms (key) ssh-rsa (3072-bit) -- [fail] using broken SHA-1 hash algorithm (key) ecdsa-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency message authentication code algorithms (mac) hmac-sha1-etm@openssh.com -- [fail] using broken SHA-1 hash algorithm (mac) hmac-sha1 -- [fail] using broken SHA-1 hash algorithm

10.10.10.2-------------------------------------------------------------------------------- key exchange algorithms (kex) ecdh-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency (kex) ecdh-sha2-nistp384 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency (kex) ecdh-sha2-nistp521 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency host-key algorithms (key) ssh-rsa (3072-bit) -- [fail] using broken SHA-1 hash algorithm (key) ecdsa-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency message authentication code algorithms (mac) hmac-sha1-etm@openssh.com -- [fail] using broken SHA-1 hash algorithm (mac) hmac-sha1 -- [fail] using broken SHA-1 hash algorithm

10.10.10.3-------------------------------------------------------------------------------- key exchange algorithms (kex) ecdh-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency (kex) ecdh-sha2-nistp384 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency (kex) ecdh-sha2-nistp521 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency host-key algorithms (key) ssh-rsa (3072-bit) -- [fail] using broken SHA-1 hash algorithm (key) ecdsa-sha2-nistp256 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency message authentication code algorithms (mac) hmac-sha1-etm@openssh.com -- [fail] using broken SHA-1 hash algorithm (mac) hmac-sha1 -- [fail] using broken SHA-1 hash algorithm

jtesta commented 5 days ago

I think stdout redirection will accomplish what you're looking for:

$ cat /tmp/targets.txt
10.1.2.3
10.1.2.4
$ ./ssh-audit.py -T /tmp/targets.txt > /tmp/output.txt
$ cat /tmp/output.txt 
# general
(gen) target: 10.1.2.3
[...]

--------------------------------------------------------------------------------

# general
(gen) target: 10.1.2.4
[...]

As you can see, the target hostnames/IPs will end up in each header. You may also want to use -n to disable color output if you're redirecting to a file, otherwise the escape characters will end up in it as well, which can make it difficult to read.

ITmustang commented 4 days ago

@jtesta, perfect solution, Thanks! ill close.