sshmitm.plugins.session.clientaudit module

class sshmitm.plugins.session.clientaudit.SSHClientAudit(key_negotiation_data: KeyNegotiationData, client_version: str, client_name: Optional[str] = None, client_info: Optional[Dict[str, Dict[str, Any]]] = None)

Bases: object

The class SSHClientAudit is used for auditing SSH clients.

Parameters:
  • key_negotiation_data ('sshmitm.plugins.session.key_negotiation.KeyNegotiationData') – object of ‘sshmitm.plugins.session.key_negotiation.KeyNegotiationData’

  • client_version (str) – client version string

  • client_name (Optional[str]) – optional client name

  • client_info (Optional[Dict[str, Dict[str, Any]]]) – optional client information, stored as a dictionary

Returns:

None

Return type:

None

audit() → List[str]

Run audits on all clients.

Returns:

None

Return type:

None

between_versions(version_min: Union[None, int, float, str], version_max: Union[None, int, float, str]) → bool

This method returns True if the version string is between version_min and version_max. Returns False otherwise.

Parameters:
  • version_min (Union[None, int, float, str]) – minimum version number

  • version_max (Union[None, int, float, str]) – maximum version number

Returns:

True if version string is between version_min and version_max, False otherwise

Return type:

bool

check_cves(vulnerabilities: Dict[str, List[str]]) → List[str]

This method returns a list of strings representing the Common Vulnerabilities and Exposures (CVEs) found in the client, along with the information available in the vulnerabilities dictionary.

Parameters:

vulnerabilities (Dict[str, List[str]]) – dictionary of CVEs and their descriptions

Returns:

list of strings representing the CVEs and their information

Return type:

List[str]

check_key_negotiation() → Dict[str, List[str]]

Check whether the key negotiation data is known.

Parameters:

client_id (str) – ID of the client to check

Returns:

True if key negotiation data is known, False otherwise

Return type:

bool

get_version_string() → Optional[str]

This method returns the version string extracted from the client_version string in the key_negotiation_data object, using the version_regex field of the client_info dictionary.

Returns:

version string

Return type:

Optional[str]

run_audit() → None

Run an audit on the client with the given ID.

Parameters:

client_id (str) – ID of the client to audit

Returns:

None

Return type:

None

class sshmitm.plugins.session.clientaudit.Vulnerability(cve: str, indocs: bool = False)

Bases: object

This class represents a vulnerability and holds information about it.

Parameters:
  • cve (str) – the identifier of the vulnerability (e.g. ‘CVE-2022-0001’)

  • indocs (bool) – if True, the URL of the vulnerability information points to the internal docs; if False, the URL points to the official NIST National Vulnerability Database.

property url: str

Get the URL where the information about the vulnerability can be found.

Returns:

the URL

Return type:

str
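
The version extraction, inclusive range check and CVE listing described for get_version_string(), between_versions() and check_cves() fit together as in the following added example, which is not SSH-MITM's own code. The function names, the [version_min, version_max] layout of the vulnerabilities dictionary, the single capture group in version_regex and the "ExampleSSH" banner are assumptions made for illustration; only the version_regex key and the example identifier CVE-2022-0001 come from this page.

```python
import re
from typing import Any, Dict, List, Optional, Tuple, Union

Bound = Union[None, int, float, str]
NVD_URL = "https://nvd.nist.gov/vuln/detail/{}"  # public NVD detail page


def extract_version(banner: str, client_info: Dict[str, Any]) -> Optional[str]:
    """Return capture group 1 of client_info['version_regex'], or None."""
    match = re.search(client_info["version_regex"], banner)
    return match.group(1) if match else None


def _key(value: Bound, width: int = 0) -> Tuple[int, ...]:
    """'7.4p1' -> (7, 4); padded with zeros so '7.4' equals '7.4.0'."""
    match = re.match(r"\d+(?:\.\d+)*", str(value))
    if match is None:
        raise ValueError(f"not a version: {value!r}")
    parts = [int(p) for p in match.group(0).split(".")]
    return tuple(parts + [0] * (width - len(parts)))


def version_between(version: Optional[str], vmin: Bound, vmax: Bound) -> bool:
    """Inclusive range check; a bound of None is open-ended."""
    if version is None:
        return False
    given = [v for v in (version, vmin, vmax) if v is not None]
    width = max(len(_key(v)) for v in given)
    # Pass bounds as strings: the float 0.80 prints as "0.8", i.e. (0, 8).
    low_ok = vmin is None or _key(vmin, width) <= _key(version, width)
    high_ok = vmax is None or _key(version, width) <= _key(vmax, width)
    return low_ok and high_ok


def flag_cves(banner: str, client_info: Dict[str, Any]) -> List[str]:
    """List 'CVE: url' for each range that contains the banner's version."""
    version = extract_version(banner, client_info)
    return [
        f"{cve}: {NVD_URL.format(cve)}"
        for cve, (vmin, vmax) in client_info["vulnerabilities"].items()
        if version_between(version, vmin, vmax)
    ]


# Constructed sample data: "ExampleSSH" and its version range are made up.
EXAMPLE_INFO = {
    "version_regex": r"ExampleSSH_(\d+(?:\.\d+)*)",
    "vulnerabilities": {"CVE-2022-0001": ["0.68", "0.80"]},
}
```

A banner whose version cannot be extracted yields an empty list rather than an error, so an unrecognised client is reported as having no known findings, not as clean.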