fluidasserts.proto.ssh module

This module allows to check SSH vulnerabilities.

exception fluidasserts.proto.ssh.BadUsername

Bases: Exception

Custom exception for when username is invalid.

fluidasserts.proto.ssh.has_user_enumeration(host, user_list, fake_users, port=22)

Check if SSH is vulnerable to user enumeration.

Parameters
  • host (str) – Address to test.

  • port (int) – If necessary, specify port to connect to.

  • user_list (list) – List of users.

  • fake_users (list) – List of fake users.

fluidasserts.proto.ssh.is_cbc_used(host, port=22, username=None, password=None)

Check if SSH has CBC algorithms enabled.

Parameters
Return type

tuple

fluidasserts.proto.ssh.is_hmac_used(host, port=22, username=None, password=None)

Check if SSH has weak HMAC algorithms enabled.

Parameters
Return type

tuple

fluidasserts.proto.ssh.is_version_visible(ip_address, port=22)

Check if banner is visible.

Parameters
  • ip_address (str) – IP address to test.

  • port (int) – If necessary, specify port to connect to (default: 22).

Return type

tuple