Listener mode, IP address of connected host is not reported
PSLLSP opened this issue · 1 comments
PSLLSP commented
I would like to see IP address of client that connected to the scanner in listening mode. IP address is missing in the report:
user@ubuntu:~$ ./Terrapin_Scanner_Linux -listen 0.0.0.0:34567
Listening for incoming client connection on 0.0.0.0:34567
================================================================================
==================================== Report ====================================
================================================================================
Remote Banner: SSH-2.0-OpenSSH_9.5
ChaCha20-Poly1305 support: true
CBC-EtM support: false
Strict key exchange support: false
The scanned peer is VULNERABLE to Terrapin.
Note: This tool is provided as is, with no warranty whatsoever. It determines
the vulnerability of a peer by checking the supported algorithms and
support for strict key exchange. It may falsely claim a peer to be
vulnerable if the vendor supports countermeasures other than strict key
exchange.
For more details visit our website available at https://terrapin-attack.com
IP address is reported when scanner is reporting result in JSON format, it means that scanner knows IP address and can report it in any mode:
user@ubuntu:~$ ./Terrapin_Scanner_Linux -json -listen 0.0.0.0:34567
Listening for incoming client connection on 0.0.0.0:34567
{
"RemoteAddr": "192.168.32.1:44706",
"IsServer": false,
"Banner": "SSH-2.0-OpenSSH_9.5",
"SupportsChaCha20": true,
"SupportsCbcEtm": false,
"SupportsStrictKex": false,
"Vulnerable": true
}
Version:
user@ubuntu:~$ ./Terrapin_Scanner_Linux -version
Terrapin Vulnerability Scanner v1.1.3
TrueSkrillor commented
Seems like I forgot about the text summary when implementing #25. I will extend the report next week.