|
| 1 | +#!/usr/bin/env python |
| 2 | +import json |
| 3 | +import colorama |
| 4 | +import sys |
| 5 | +from tabulate import tabulate |
| 6 | +from termcolor import colored |
| 7 | + |
| 8 | +''' |
| 9 | +Quick script to format the result of a scan of "ssh-audit": |
| 10 | + ssh-audit --json --threads=1 --port=22 [HOST] > report.json |
| 11 | + python generate-report-sshaudit.py report.json |
| 12 | +
|
| 13 | +Dependencies: |
| 14 | + pip install colorama termcolor tabulate |
| 15 | +
|
| 16 | +ssh-audit: |
| 17 | + https://github.com/jtesta/ssh-audit |
| 18 | +''' |
| 19 | + |
| 20 | +# I expliclty exclude INFO level as I only want to keep the algorithms with errors or warnings |
| 21 | +SEVERITY_COLOR_MAPPING = {"CRITICAL": "red", "FAIL": "red", "WARNING": "light_yellow", "WARN": "light_yellow"} |
| 22 | +SEVERITY_LEVEL_RECOMMANDATIONS = ["critical", "warning"] |
| 23 | +SEVERITY_LEVEL_VALIDATIONS = ["fail", "warn"] |
| 24 | +ALGO_TYPES_MAPPING = {"enc": "Encryption", "kex": "Key Exchange", "key": "Key", "mac": "Message Authentication Code"} |
| 25 | + |
| 26 | + |
| 27 | +def get_color(severity): |
| 28 | + sev = severity.upper() |
| 29 | + severity_color = "white" |
| 30 | + if sev in SEVERITY_COLOR_MAPPING: |
| 31 | + severity_color = SEVERITY_COLOR_MAPPING[sev] |
| 32 | + return severity_color |
| 33 | + |
| 34 | + |
| 35 | +def get_action_name(action_code): |
| 36 | + act_name = "NA" |
| 37 | + if action_code == "del": |
| 38 | + act_name = "Remove" |
| 39 | + elif action_code == "add": |
| 40 | + act_name = "Add" |
| 41 | + return act_name |
| 42 | + |
| 43 | + |
| 44 | +def get_algo_notes(algo_json_item): |
| 45 | + desc_list = [] |
| 46 | + notes = algo_json_item["notes"] |
| 47 | + for level in SEVERITY_LEVEL_VALIDATIONS: |
| 48 | + if level in notes: |
| 49 | + desc = colored(level.capitalize(), get_color(level)) + ": " |
| 50 | + desc += ", ".join(notes[level]) |
| 51 | + desc += "." |
| 52 | + desc_list.append(desc) |
| 53 | + return desc_list |
| 54 | + |
| 55 | + |
| 56 | +def get_table_for_algorithms_by_type(report_json_data): |
| 57 | + rows = [["Algorithm type", "Algorithm name", "Status"]] |
| 58 | + for algo_type, algo_label in ALGO_TYPES_MAPPING.items(): |
| 59 | + algos = report_json_data[algo_type] |
| 60 | + for algo in algos: |
| 61 | + algo_name = algo["algorithm"] |
| 62 | + algo_notes = get_algo_notes(algo) |
| 63 | + # No note indicate that algo is OK |
| 64 | + if len(algo_notes) > 0: |
| 65 | + for algo_note in algo_notes: |
| 66 | + rows.append([algo_label, algo_name, algo_note]) |
| 67 | + # No data |
| 68 | + if len(rows) == 1: |
| 69 | + rows = None |
| 70 | + return rows |
| 71 | + |
| 72 | + |
| 73 | +def get_table_for_recommendations(report_json_data): |
| 74 | + rows = [["Severity", "Algorithm type", "Algorithm name", "Action"]] |
| 75 | + recommendations_data = report_json_data["recommendations"] |
| 76 | + if len(recommendations_data) > 0: |
| 77 | + |
| 78 | + for level in SEVERITY_LEVEL_RECOMMANDATIONS: |
| 79 | + level_reco_datas = recommendations_data[level] |
| 80 | + for action_name in level_reco_datas: |
| 81 | + action_full_name = get_action_name(action_name) |
| 82 | + action_reco_datas = recommendations_data[level][action_name] |
| 83 | + for algo_type, algo_label in ALGO_TYPES_MAPPING.items(): |
| 84 | + if algo_type in action_reco_datas: |
| 85 | + algo_reco_datas = action_reco_datas[algo_type] |
| 86 | + for algo_reco_data in algo_reco_datas: |
| 87 | + algo_name = algo_reco_data["name"] |
| 88 | + rows.append([colored(level.capitalize(), get_color(level)), algo_label, algo_name, action_full_name]) |
| 89 | + # No data |
| 90 | + if len(rows) == 1: |
| 91 | + rows = None |
| 92 | + return rows |
| 93 | + |
| 94 | + |
| 95 | +colorama.init() |
| 96 | +report_file = sys.argv[1] |
| 97 | +with open(report_file, mode="r", encoding="utf-8") as f: |
| 98 | + report_json_data = json.load(f) |
| 99 | +print(colored("[+] SSH version", "yellow")) |
| 100 | +print(report_json_data["banner"]["raw"]) |
| 101 | +print("") |
| 102 | +print(colored("[+] CVE", "yellow")) |
| 103 | +cves = report_json_data["cves"] |
| 104 | +if len(cves) == 0: |
| 105 | + print("No CVE found.") |
| 106 | +else: |
| 107 | + print(", ".join(cves)) |
| 108 | +print("") |
| 109 | +print(colored("[+] Algorithms with issues", "yellow")) |
| 110 | +table_rows = get_table_for_algorithms_by_type(report_json_data) |
| 111 | +if table_rows is None: |
| 112 | + print("No issue found.") |
| 113 | +else: |
| 114 | + print(tabulate(table_rows[1:], headers=table_rows[0], tablefmt="outline", stralign="left")) |
| 115 | +print("") |
| 116 | +print(colored("[+] Recommendations", "yellow")) |
| 117 | +table_rows = get_table_for_recommendations(report_json_data) |
| 118 | +if table_rows is None: |
| 119 | + print("No recommandation available.") |
| 120 | +else: |
| 121 | + print(tabulate(table_rows[1:], headers=table_rows[0], tablefmt="outline", stralign="left")) |
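Review bot: The banner printed at new line 100 and the algorithm names placed in both tables originate from the scanned SSH server by way of the JSON report, and they reach the terminal unfiltered. Unless ssh-audit already strips them (not visible here), a hostile server could place control or escape sequences in the analyst's terminal output. Replacing non-printable characters before display would close that, e.g. `safe = "".join(c if c.isprintable() else "?" for c in text)` applied to the banner and to each `algo_name`. Separately, `get_table_for_recommendations` only checks that `recommendations` is non-empty and then indexes both `critical` and `warning`, so a report carrying only one level would raise `KeyError` and the report would stop before the table is printed; `level_reco_datas = recommendations_data.get(level, {})` avoids that.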