1. Advisor
  2. ssh-audit
  3. functions
  4. ssh-audit.ReadBuf
View all ssh-audit analysis

How to use the ssh-audit.ReadBuf function in ssh-audit

To help you get started, we’ve selected a few ssh-audit examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github arthepsy / ssh-audit / ssh-audit.py View on Github external
['0.4.7', '0.5.2',  1, 'CVE-2012-6063', 7.5, 'cause DoS or execute arbitrary code via sftp (double free)'],
				['0.4.7', '0.5.2',  1, 'CVE-2012-4562', 7.5, 'cause DoS or execute arbitrary code (overflow check)'],
				['0.4.7', '0.5.2',  1, 'CVE-2012-4561', 5.0, 'cause DoS via unspecified vectors (invalid pointer)'],
				['0.4.7', '0.5.2',  1, 'CVE-2012-4560', 7.5, 'cause DoS or execute arbitrary code (buffer overflow)'],
				['0.4.7', '0.5.2',  1, 'CVE-2012-4559', 6.8, 'cause DoS or execute arbitrary code (double free)']]
		}  # type: Dict[str, List[List[Any]]]
		TXT = {
			'Dropbear SSH': [
				['0.28', '0.34', 1, 'remote root exploit', 'remote format string buffer overflow exploit (exploit-db#387)']],
			'libssh': [
				['0.3.3', '0.3.3', 1, 'null pointer check', 'missing null pointer check in "crypt_set_algorithms_server"'],
				['0.3.3', '0.3.3', 1, 'integer overflow',   'integer overflow in "buffer_get_data"'],
				['0.3.3', '0.3.3', 3, 'heap overflow',      'heap overflow in "packet_decrypt"']]
		}  # type: Dict[str, List[List[Any]]]
	
	class Socket(ReadBuf, WriteBuf):
		class InsufficientReadException(Exception):
			pass
		
		SM_BANNER_SENT = 1
		
		def __init__(self, host, port):
			# type: (str, int) -> None
			super(SSH.Socket, self).__init__()
			self.__block_size = 8
			self.__state = 0
			self.__header = []  # type: List[text_type]
			self.__banner = None  # type: Optional[SSH.Banner]
			self.__host = host
			self.__port = port
			self.__sock = None  # type: socket.socket
github arthepsy / ssh-audit / ssh-audit.py View on Github external
def parse(cls, payload):
			# type: (binary_type) -> SSH2.Kex
			buf = ReadBuf(payload)
			cookie = buf.read(16)
			kex_algs = buf.read_list()
			key_algs = buf.read_list()
			cli_enc = buf.read_list()
			srv_enc = buf.read_list()
			cli_mac = buf.read_list()
			srv_mac = buf.read_list()
			cli_compression = buf.read_list()
			srv_compression = buf.read_list()
			cli_languages = buf.read_list()
			srv_languages = buf.read_list()
			follows = buf.read_bool()
			unused = buf.read_int()
			cli = SSH2.KexParty(cli_enc, cli_mac, cli_compression, cli_languages)
			srv = SSH2.KexParty(srv_enc, srv_mac, srv_compression, srv_languages)
			kex = cls(cookie, kex_algs, key_algs, cli, srv, follows, unused)
github arthepsy / ssh-audit / ssh-audit.py View on Github external
def parse(cls, payload):
			# type: (binary_type) -> SSH1.PublicKeyMessage
			buf = ReadBuf(payload)
			cookie = buf.read(8)
			server_key_bits = buf.read_int()
			server_key_exponent = buf.read_mpint1()
			server_key_modulus = buf.read_mpint1()
			skey = (server_key_bits, server_key_exponent, server_key_modulus)
			host_key_bits = buf.read_int()
			host_key_exponent = buf.read_mpint1()
			host_key_modulus = buf.read_mpint1()
			hkey = (host_key_bits, host_key_exponent, host_key_modulus)
			pflags = buf.read_int()
			cmask = buf.read_int()
			amask = buf.read_int()
			pkm = cls(cookie, skey, hkey, pflags, cmask, amask)
			return pkm
github arthepsy / ssh-audit / ssh-audit.py View on Github external
def __init__(self, data=None):
		# type: (Optional[binary_type]) -> None
		super(ReadBuf, self).__init__()
		self._buf = BytesIO(data) if data else BytesIO()
		self._len = len(data) if data else 0

ssh-audit

An SSH server & client configuration security auditing tool

GitHub
MIT
Latest version published 24 days ago

Package Health Score

79 / 100
Full package analysis

Popular ssh-audit functions

Similar packages