Skip to content

Added new ssh-audit scanner to replace deprecated ssh-scan scanner#1713

Merged
sofi0071 merged 55 commits intosecureCodeBox:mainfrom
Reet00:scanner/ssh-audit
May 11, 2023
Merged

Added new ssh-audit scanner to replace deprecated ssh-scan scanner#1713
sofi0071 merged 55 commits intosecureCodeBox:mainfrom
Reet00:scanner/ssh-audit

Conversation

@Reet00
Copy link
Copy Markdown
Contributor

@Reet00 Reet00 commented May 4, 2023
edited
Loading

Description

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure that all your commits are signed-off and that you are added to the Contributors file.
  • Make sure that all CI finish successfully.
  • Optional (but appreciated): Make sure that all commits are Verified.

Reet00 and others added 30 commits April 25, 2023 09:49
@Reet00
Deckerfiles
8853dcf
@Reet00
chart.yaml file
58d6263
@Reet00
vales.yaml
258a3e4
@Reet00
wrapper.sh
b0e089c 
To convert terminal output into file
@Reet00
scan-type ssh-audit
2430784
@Reet00
parser definition
837255d
@Reet00
created Makefile for ssh-audit
c578b4c
@Reet00
debu, fixed entrypoint
4ad2f3a
@Reet00
exit code to avoid error
a28fd34
@Reet00
debug parameters
6a8b178
@Reet00
changed image versions
675ac83
@Reet00
helmignore
f0de0e3
@sofi0071
Basic implementation of parser
a3a929f
@sofi0071
secureCodeBox#1454 Implement findings format
6024d0e
@Reet00
secureCodeBox#1454 commentary and details
88246bd
@Reet00
secureCodeBox#1454 modified parser function
ce87434
@Reet00
secureCodeBox#1454 bug fix
f0de9ec
@Reet00
secureCodeBox#1454 added detailed findings in parser.js
ae04028
@sofi0071
secureCodeBox#1454 attempt to fix bug by parsing of findings
d44102a 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 updated version of ssh-audit
31a85b5 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 added algorithmlist in findings
ca18717 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 fixed format of algorithm names in findings
7450e36 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 added change option to findings and changed varia…
e43bc0b 
…ble names for clarity

Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 removed unnecessary lines, updated version, and a…
eef6444 
…dded annotations

Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 added CVEs as findings
2465edd 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 adjusted findings to new findings format
665630e 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 added and changed files for cascading rules
a464dd2 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 added error handling if scanner results into an e…
60d7ac9 
…rror

Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 added example for dummy-ssh
438778b 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 started to implement helm-docs
d9a05d7 
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
Reet00 added 9 commits May 4, 2023 15:49
@Reet00
secureCodeBox#1454 Generated Readme for ssh-audit
24cd680 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Changed version to clone repo from
0bfc298 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Added files for unit-tests
fb4de88 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Bug fixed to accomodate findings format, referenc…
f535d52 
…es as a list

Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 improved wording for findings template
89f2511 
removed 'identified_at' to fix bug in unit-testing
changed 'hostname' to 'host' since target can be hostname or ip-address
added cve name in references

Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Added ssh-audit to scanner lists in various files
63cc79f 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Added error handling for wrapper
37d9efb 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 updated example
9d1bfae 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 new examples for unit-tests
6463fc0 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00 Reet00 requested review from Weltraumschaf and removed request for Weltraumschaf May 8, 2023 07:54
Reet00 added 4 commits May 8, 2023 15:22
@Reet00
secureCodeBox#1454 Added integration-tests
8e99ee7 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Setted image repository and tags
136816d 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Changed Makefile to automate buildung of dummy-ssh
51d50f2 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Clean up code
5cdbb07 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
J12934
J12934 requested changes May 9, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@J12934 J12934 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is looking really good 🙌
Noticed a couple of issues with the finding format. (Comment for that are primarily in the parser test)
Also a couple of suggestion on how to refactor the parser to make the code a bit more functional and consistent with the other parser code that we have.

sofi0071 and others added 7 commits May 9, 2023 14:27
@sofi0071 @J12934
secureCodeBox#1454 added suggestions
127efd8 
Co-authored-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071 @J12934
secureCodeBox#1454 changed findings format
ecdd988 
-location for every finding
-location as URI
-added attribute port
-changed template to avoid unneccessary if-statements

Co-authored-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 added feature to differentiate hostname and ip-ad…
ba14ec9 
…dress

Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071
secureCodeBox#1454 updated format in unit-tests and fixed typo in ex…
47155fd 
…ample.json

Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@Reet00
secureCodeBox#1454 Added and updated examples
8bd1990 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Added unit-test with different port and ip-address
d887522 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00
secureCodeBox#1454 Bug fix: added template for 'add' findings
47701cc 
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
J12934
J12934 reviewed May 10, 2023
View reviewed changes
sofi0071 and others added 4 commits May 11, 2023 10:33
@sofi0071
secureCodeBox#1454 Deleted unnecessary lines
79fda16 
Co-authored-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>

Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
@sofi0071 @Reet00
secureCodeBox#1454 beautified code and corrected findings format (+ …
5523051 
…fixed typo)

Signed-off-by: Sofia Lohr <sofia.lohr@iteratec.com>
Co-authored-by: Samreet Singh <samreet.singh@iteratec.com>
@Reet00 @sofi0071
secureCodeBox#1454 Updated examples to current parser and updated docs
753c67c 
Co-authored-by: Sofia Lohr <sofia.lohr@iteratec.com>
Signed-off-by: Samreet Singh <samreet.singh@iteratec.com>
@sofi0071
Merge branch 'main' into scanner/ssh-audit
42865ce
@sofi0071 sofi0071 merged commit 93cdf2f into secureCodeBox:main May 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sofi0071 sofi0071 sofi0071 left review comments

@J12934 J12934 J12934 approved these changes

Assignees

No one assigned

Labels

scanner Implement or update a security scanner

Projects

secureCodeBox
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Deprecate ssh_Scan

3 participants

@Reet00 @J12934 @sofi0071