fluidasserts.proto.ssh module

This module allows to check SSH vulnerabilities.

exception fluidasserts.proto.ssh.BadUsername

Bases: Exception

Custom exception for when username is invalid.

fluidasserts.proto.ssh.has_user_enumeration(host, user_list, fake_users, port=22)

Check if SSH is vulnerable to user enumeration.

Parameters

• host (str) – Address to test.

• port (int) – If necessary, specify port to connect to.

• user_list (list) – List of users.

• fake_users (list) – List of fake users.

fluidasserts.proto.ssh.is_cbc_used(host, port=22, username=None, password=None)

Check if SSH has CBC algorithms enabled.

Parameters

• host (str) – Address to test.

• port (int) – If necessary, specify port to connect to.

• username (typing.Optional[str]) – Username.

• password (typing.Optional[str]) – Password.

Return type

tuple

fluidasserts.proto.ssh.is_hmac_used(host, port=22, username=None, password=None)

Check if SSH has weak HMAC algorithms enabled.

Parameters

• host (str) – Address to test.

• port (int) – If necessary, specify port to connect to.

• username (typing.Optional[str]) – Username.

• password (typing.Optional[str]) – Password.

Return type

tuple

fluidasserts.proto.ssh.is_version_visible(ip_address, port=22)

Check if banner is visible.

Parameters

• ip_address (str) – IP address to test.

• port (int) – If necessary, specify port to connect to (default: 22).

Return type

tuple