sshmitm.plugins.session.clientaudit module

class sshmitm.plugins.session.clientaudit.ClientAuditReport(title, *, vulnerable=False, messages=None)

Bases: object

Parameters:
  • title (str)

  • vulnerable (bool, default: False)

  • messages (list[str] | None, default: None)

class sshmitm.plugins.session.clientaudit.SSHClientAudit(key_negotiation_data, client_version, client_name=None, client_info=None)

Bases: object

The class SSHClientAudit is used for auditing SSH clients.

Parameters:
  • key_negotiation_data (KeyNegotiationData) – object of ‘sshmitm.plugins.session.key_negotiation.KeyNegotiationData’

  • client_version (str) – client version string

  • client_name (str | None, default: None) – optional client name

  • client_info (dict[str, dict[str, Any]] | None, default: None) – optional client information, stored as a dictionary

audit()

Run audits on all clients.

Return type:

ClientAuditReport | None

between_versions(version_min, version_max)

This method returns True if the version string is between version_min and version_max. Returns False otherwise.

Parameters:
  • version_min (None | float | str) – minimum version number

  • version_max (None | float | str) – maximum version number

Return type:

bool

Returns:

True if version string is between version_min and version_max, False otherwise

check_cves(vulnerabilities)

This method returns a list of strings representing the Common Vulnerabilities and Exposures (CVEs) found in the client, along with the information available in the vulnerabilities dictionary.

Parameters:

vulnerabilities (defaultdict[str, list[ClientAuditReport | None]]) – dictionary of CVEs and their descriptions

Return type:

list[str]

Returns:

list of strings representing the CVEs and their information

check_key_negotiation()

Check whether the key negotiation data is known.

Return type:

dict[str, ClientAuditReport]

check_terrapin_attack()

Return type:

dict[str, ClientAuditReport]

get_version_string()

This method returns the version string extracted from the client_version string in the key_negotiation_data object, using the version_regex field of the client_info dictionary.

Return type:

str | None

Returns:

version string
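
The version matching that get_version_string() and between_versions() describe, as an added stand-alone sketch (not SSH-MITM's own code). The sample banner, the regex, the helper names, and the choice of inclusive bounds with None meaning "no limit" are assumptions.

```python
import re

# Constructed sample data: a client banner and a client_info-style entry.
SAMPLE_BANNER = "SSH-2.0-OpenSSH_8.10p1 Debian-1"
SAMPLE_CLIENT_INFO = {"version_regex": r"OpenSSH_(\d+(?:\.\d+)+)"}


def extract_version(banner, version_regex):
    """Return the first capture group of version_regex, or None if no match."""
    match = re.search(version_regex, banner)
    return match.group(1) if match else None


def version_key(value):
    """Convert '8.10', '8.9p1' or 8.9 into a tuple of ints, e.g. (8, 10)."""
    match = re.match(r"\d+(?:\.\d+)*", str(value))
    if match is None:
        raise ValueError(f"not a version: {value!r}")
    return tuple(int(part) for part in match.group(0).split("."))


def in_version_range(version, version_min, version_max):
    """Inclusive range check; a None bound is open (assumption)."""
    if version is None:
        return False  # unknown version: never report a match
    current = version_key(version)
    if version_min is not None and current < version_key(version_min):
        return False
    if version_max is not None and current > version_key(version_max):
        return False
    return True


if __name__ == "__main__":
    version = extract_version(SAMPLE_BANNER, SAMPLE_CLIENT_INFO["version_regex"])
    # Tuple comparison ranks 8.10 above 8.9; float("8.10") == 8.1 would not.
    print(version, in_version_range(version, "8.9", None))
```

Passing bounds as strings rather than floats keeps a minor version such as 8.10 from collapsing to 8.1 before the comparison.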

run_audit()

Run an audit on the client with the given ID.

Return type:

None

class sshmitm.plugins.session.clientaudit.Vulnerability(cve, indocs=False)

Bases: object

This class represents a vulnerability and holds information about it.

Parameters:
  • cve (str) – the identifier of the vulnerability (e.g. ‘CVE-2022-0001’)

  • indocs (bool, default: False) – if True, the URL of the vulnerability information points to the internal docs; if False, it points to the official NIST National Vulnerability Database.

property url: str

Get the URL where the information about the vulnerability can be found.

Returns:

the URL