MCPcopy
hub / github.com/jtesta/ssh-audit / usage

Function usage

src/ssh_audit/ssh_audit.py:85–137  ·  view source on GitHub ↗
(uout: OutputBuffer, err: Optional[str] = None)

Source from the content-addressed store, hash-verified

83
84
85def usage(uout: OutputBuffer, err: Optional[str] = None) -> None:
86 retval = exitcodes.GOOD
87 p = os.path.basename(sys.argv[0])
88 uout.head('# {} {}, https://github.com/jtesta/ssh-audit\n'.format(p, VERSION))
89 if err is not None and len(err) > 0:
90 uout.fail(err + '\n')
91 retval = exitcodes.UNKNOWN_ERROR
92 uout.info('usage: {0} [options] <host>\n'.format(p))
93 uout.info(' -h, --help print this help')
94 uout.info(' -1, --ssh1 force ssh version 1 only')
95 uout.info(' -2, --ssh2 force ssh version 2 only')
96 uout.info(' -4, --ipv4 enable IPv4 (order of precedence)')
97 uout.info(' -6, --ipv6 enable IPv6 (order of precedence)')
98 uout.info(' -b, --batch batch output')
99 uout.info(' -c, --client-audit starts a server on port 2222 to audit client\n software config (use -p to change port;\n use -t to change timeout)')
100 uout.info(' --conn-rate-test=N[:max_rate] perform a connection rate test (useful')
101 uout.info(' for collecting metrics related to')
102 uout.info(' susceptibility of the DHEat vuln).')
103 uout.info(' Testing is conducted with N concurrent')
104 uout.info(' sockets with an optional maximum rate')
105 uout.info(' of connections per second.')
106 uout.info(' -d, --debug debug output')
107 uout.info(' --dheat=N[:kex[:e_len]] continuously perform the DHEat DoS attack')
108 uout.info(' (CVE-2002-20001) against the target using N')
109 uout.info(' concurrent sockets. Optionally, a specific')
110 uout.info(' key exchange algorithm can be specified')
111 uout.info(' instead of allowing it to be automatically')
112 uout.info(' chosen. Additionally, a small length of')
113 uout.info(' the fake e value sent to the server can')
114 uout.info(' be chosen for a more efficient attack (such')
115 uout.info(' as 4).')
116 uout.info(' -g, --gex-test=<x[,y,...]> dh gex modulus size test')
117 uout.info(' <min1:pref1:max1[,min2:pref2:max2,...]>')
118 uout.info(' <x-y[:step]>')
119 uout.info(' -j, --json JSON output (use -jj to enable indents)')
120 uout.info(' -l, --level=<level> minimum output level (info|warn|fail)')
121 uout.info(' -L, --list-policies list all the official, built-in policies. Use with -v')
122 uout.info(' to view policy change logs.')
123 uout.info(' --lookup=<alg1,alg2,...> looks up an algorithm(s) without\n connecting to a server')
124 uout.info(' -M, --make-policy=<policy.txt> creates a policy based on the target server\n (i.e.: the target server has the ideal\n configuration that other servers should\n adhere to)')
125 uout.info(' -m, --manual print the man page (Windows only)')
126 uout.info(' -n, --no-colors disable colors (automatic when the NO_COLOR')
127 uout.info(' environment variable is set)')
128 uout.info(' -p, --port=<port> port to connect')
129 uout.info(' -P, --policy=<policy.txt> run a policy test using the specified policy')
130 uout.info(' --skip-rate-test skip the connection rate test during standard audits\n (used to safely infer whether the DHEat attack\n is viable)')
131 uout.info(' -t, --timeout=<secs> timeout (in seconds) for connection and reading\n (default: 5)')
132 uout.info(' -T, --targets=<hosts.txt> a file containing a list of target hosts (one\n per line, format HOST[:PORT]). Use -p/--port\n to set the default port for all hosts. Use\n --threads to control concurrent scans.')
133 uout.info(' --threads=<threads> number of threads to use when scanning multiple\n targets (-T/--targets) (default: 32)')
134 uout.info(' -v, --verbose verbose output')
135 uout.sep()
136 uout.write()
137 sys.exit(retval)
138
139
140def output_algorithms(out: OutputBuffer, title: str, alg_db: Dict[str, Dict[str, List[List[Optional[str]]]]], alg_type: str, algorithms: List[str], unknown_algs: List[str], is_json_output: bool, program_retval: int, maxlen: int = 0, host_keys: Optional[Dict[str, Dict[str, Union[bytes, str, int]]]] = None, dh_modulus_sizes: Optional[Dict[str, int]] = None) -> int: # pylint: disable=too-many-arguments

Callers

nothing calls this directly

Calls 5

headMethod · 0.80
failMethod · 0.80
infoMethod · 0.80
sepMethod · 0.80
writeMethod · 0.45

Tested by

no test coverage detected