tscanner

package

v1.1.3 Latest Latest Go to latest Published: Jan 18, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/RUB-NDS/Terrapin-Scanner

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tscanner provides a scanner to validate if an ssh client or server is vulnerable to the Terrapin Attack. See more details at https://terrapin-attack.com.

Index ¶

type Report
- func Scan(address string, scanMode ScanMode, verbose bool) (*Report, error)
- func ScanWithTimeout(address string, scanMode ScanMode, verbose bool, timeout int) (*Report, error)
- func (report *Report) IsVulnerable() bool
- func (report *Report) MarshalJSON() ([]byte, error)
type ScanMode

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Report ¶

type Report struct {
	// Contains the IP address and port of the scanned peer.
	RemoteAddr string
	// Indicates whether the scanned host was acting as client or server.
	IsServer bool
	// Banner contains the SSH banner of the remote peer.
	Banner string
	// SupportsChaCha20 indicates whether the remote peer supports the ChaCha20-Poly1305 cipher.
	SupportsChaCha20 bool
	// SupportsCbcEtm indicates whether the remote peer supports CBC ciphers with ETM.
	SupportsCbcEtm bool
	// SupportsStrictKex indicates whether the remote peer supports strict key exchange.
	SupportsStrictKex bool
}

Report contains the results of a vulnerability scan.

func Scan ¶

func Scan(address string, scanMode ScanMode, verbose bool) (*Report, error)

Scan performs a vulnerability scan to check whether the remote peer is likely to be vulnerable against prefix truncation.

func ScanWithTimeout ¶ added in v1.1.2

func ScanWithTimeout(address string, scanMode ScanMode, verbose bool, timeout int) (*Report, error)

ScanWithTimeout performs a vulnerability scan with configurable timeout to check whether the remote peer is likely to be vulnerable against prefix truncation.

func (*Report) IsVulnerable ¶

func (report *Report) IsVulnerable() bool

IsVulnerable evaluates whether the report indicates vulnerability to prefix truncation.

func (*Report) MarshalJSON ¶

func (report *Report) MarshalJSON() ([]byte, error)

MarshalJSON marshals the report to JSON.

type ScanMode ¶

type ScanMode int32

ScanMode describes a scan mode for the scanner.

const (
	// ServerScan indicates that the scanner should connect to the provided address and perform a server-side scan.
	ServerScan ScanMode = iota
	// ClientScan indicates that the scanner should listen on the provided address and perform a client-side scan.
	ClientScan
)

Source Files ¶

View all Source files

tscanner.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL