sshmitm.plugins.session.clientaudit module
- class sshmitm.plugins.session.clientaudit.ClientAuditReport(title, *, vulnerable=False, messages=None)
Bases: object
- Parameters:
title (str)
vulnerable (bool, default: False)
messages (Optional[List[str]], default: None)
- class sshmitm.plugins.session.clientaudit.SSHClientAudit(key_negotiation_data, client_version, client_name=None, client_info=None)
Bases: object
The class SSHClientAudit is used for auditing SSH clients.
- Parameters:
key_negotiation_data (KeyNegotiationData) – object of ‘sshmitm.plugins.session.key_negotiation.KeyNegotiationData’
client_version (str) – client version string
client_name (Optional[str], default: None) – optional client name
client_info (Optional[Dict[str, Dict[str, Any]]], default: None) – optional client information, stored as a dictionary
- audit()
Run audits on all clients.
- Return type:
Optional[ClientAuditReport]
- between_versions(version_min, version_max)
This method returns True if the version string is between version_min and version_max. Returns False otherwise.
- Parameters:
version_min (Union[None, float, str]) – minimum version number
version_max (Union[None, float, str]) – maximum version number
- Return type:
bool
- Returns:
True if version string is between version_min and version_max, False otherwise
- check_cves(vulnerabilities)
This method returns a list of strings representing the Common Vulnerabilities and Exposures (CVEs) found in the client, along with the information available in the vulnerabilities dictionary.
- Parameters:
vulnerabilities (DefaultDict[str, List[Optional[ClientAuditReport]]]) – dictionary of CVEs and their descriptions
- Return type:
List[str]
- Returns:
list of strings representing the CVEs and their information
- check_key_negotiation()
Check whether the key negotiation data is known.
- Return type:
Dict[str, ClientAuditReport]
- check_terrapin_attack()
- Return type:
Dict[str, ClientAuditReport]
- get_version_string()
This method returns the version string extracted from the client_version string in the key_negotiation_data object, using the version_regex field of the client_info dictionary.
- Return type:
Optional[str]
- Returns:
version string
- run_audit()
Run an audit on the client with the given ID.
- Return type:
None
- class sshmitm.plugins.session.clientaudit.Vulnerability(cve, indocs=False)
Bases: object
This class represents a vulnerability and holds information about it.
- Parameters:
cve (str) – the identifier of the vulnerability (e.g. ‘CVE-2022-0001’)
indocs (bool, default: False) – if True, the URL of the vulnerability information will point to the internal docs. If False, the URL will point to the official NIST National Vulnerability Database.
- property url: str
Get the URL where the information about the vulnerability can be found.
- Returns:
the URL
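The version checks described for get_version_string() and between_versions(), together with the NVD link that Vulnerability.url points to, can be sketched as a standalone audit of an SSH client banner. This is an added example, not SSH-MITM's own code: the function names, the inclusive range semantics, the "vulnerabilities" layout of the sample dictionary and the CVE placeholders are assumptions; only the version_regex field name comes from this page.

```python
import re
from typing import Dict, List, Optional, Tuple, Union

Bound = Union[None, float, str]
NVD_URL = "https://nvd.nist.gov/vuln/detail/{cve}"

# Constructed sample data: only "version_regex" is a field named on this page;
# the "vulnerabilities" layout and the CVE placeholders are assumptions.
SAMPLE_INFO = {
    "version_regex": r"OpenSSH_(\d+(?:\.\d+)*)",
    "vulnerabilities": {"CVE-XXXX-0001": (None, "8.4"), "CVE-XXXX-0002": ("9.0", "9.5")},
}

def extract_version(banner: str, version_regex: str) -> Optional[str]:
    """Return the first capture group of version_regex found in the banner."""
    match = re.search(version_regex, banner)
    return match.group(1) if match else None

def _as_tuple(version: Union[float, str]) -> Tuple[int, ...]:
    # Compare numeric components, so "8.10" sorts after "8.9" (string or float
    # comparison would get this wrong; pass bounds as str to avoid 8.10 == 8.1).
    match = re.match(r"\d+(?:\.\d+)*", str(version))
    if match is None:
        raise ValueError(f"not a dotted version: {version!r}")
    return tuple(int(part) for part in match.group(0).split("."))

def between_versions(version: Optional[str], version_min: Bound, version_max: Bound) -> bool:
    """Inclusive range check (assumption); a None bound leaves that side open."""
    if version is None:
        return False  # unknown version: never report it as inside a range
    current = _as_tuple(version)
    if version_min is not None and current < _as_tuple(version_min):
        return False
    if version_max is not None and current > _as_tuple(version_max):
        return False
    return True

def audit_banner(banner: str, client_info: Dict) -> List[str]:
    """List 'CVE: NVD URL' strings for every range the client version falls in."""
    version = extract_version(banner, client_info["version_regex"])
    return [
        f"{cve}: {NVD_URL.format(cve=cve)}"
        for cve, (vmin, vmax) in client_info["vulnerabilities"].items()
        if between_versions(version, vmin, vmax)
    ]
```

A banner that the regex does not match yields no version and therefore no findings, so an unrecognised client is reported as unknown rather than as safe or vulnerable.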