You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
But when doing ssh -v or sftp -v (because it is a sftp server) I can see: debug1: Remote protocol version 2.0, remote software version mod_sftp/0.9.9.
To be sure I used nmap:
nmap -Pn -p 2222 x.x.x.x -sVC
Starting Nmap 7.70 ( https://nmap.org ) at 2018-12-28 11:06 CET
Nmap scan report for x.com (x.x.x.x)
Host is up (0.023s latency).
PORT STATE SERVICE VERSION
2222/tcp open ssh ProFTPD mod_sftp 0.9.9 (protocol 2.0)
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 62.67 seconds
So:
You need to display the real banner, the one grabbed not making an internal match or something and displying a wrong banner when the ssh provider is not known from ssh-audit because it can lead to severe mistakes.
Addresses Issue arthepsy#41, gnu_getopt allows non-option arguments to be intermingled with option arguments whereas getopt stops processing arguments when a non option is found.
warning : read the update section
related to #37
ssh-audit display the wrong banner instead of displaying the real one or saying he doesn't know this one:
But when doing
ssh -v
orsftp -v
(because it is a sftp server) I can see:debug1: Remote protocol version 2.0, remote software version mod_sftp/0.9.9
.To be sure I used nmap:
So:
Update Also a real
SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.6
is running on port 22 so I suspect that ssh-audit is ignoring the option for port 2222.ssh-audit/ssh-audit.py
Lines 155 to 185 in 22b671e
==> this is it, if I put
ssh-audit -p 2222 x.x.x.x
instead ofssh-audit x.x.x.x -p 2222
i have the good banner:So I suggest to support options in any order even after the host like nmap and many other tools are doing.
The text was updated successfully, but these errors were encountered: