ssh-audit
ssh-audit copied to clipboard
Published
20 hours ago •
jtesta
jtesta
Error while scanning multiple host in against a policy (`-T` & `-P`)
Scaning multiple host against a given policy fails with this error
$ python3 ssh-audit.py -T targets.txt -P test.pol -j
[Traceback (most recent call last):
File "/home/kali/dev/ssh-audit/ssh-audit.py", line 19, in <module>
exit_code = main()
^^^^^^
File "/home/kali/dev/ssh-audit/src/ssh_audit/ssh_audit.py", line 1599, in main
worker_ret, worker_output = future.result()
^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/concurrent/futures/_base.py", line 449, in result
return self.__get_result()
^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/concurrent/futures/_base.py", line 401, in __get_result
raise self._exception
File "/usr/lib/python3.11/concurrent/futures/thread.py", line 58, in run
result = self.fn(*self.args, **self.kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/kali/dev/ssh-audit/src/ssh_audit/ssh_audit.py", line 1438, in target_worker_thread
my_aconf = copy.deepcopy(shared_aconf)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 172, in deepcopy
y = _reconstruct(x, memo, *rv)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 271, in _reconstruct
state = deepcopy(state, memo)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 146, in deepcopy
y = copier(x, memo)
^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 231, in _deepcopy_dict
y[deepcopy(key, memo)] = deepcopy(value, memo)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 172, in deepcopy
y = _reconstruct(x, memo, *rv)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 271, in _reconstruct
state = deepcopy(state, memo)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 146, in deepcopy
y = copier(x, memo)
^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 231, in _deepcopy_dict
y[deepcopy(key, memo)] = deepcopy(value, memo)
^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/copy.py", line 161, in deepcopy
rv = reductor(4)
^^^^^^^^^^^
TypeError: cannot pickle '_io.TextIOWrapper' object
hinting at some copy error which is caused by this line
Using the fix from https://github.com/jtesta/ssh-audit/pull/285 allows to process multiple hosts.
$ python3 ssh-audit.py -T tmp -P test.pol
Host: kali:2222
Policy: Custom Policy (based on kali on 2024/07/07) (version 1)
Result: ✔ Passed
--------------------------------------------------------------------------------
Host: kali:2222
Policy: Custom Policy (based on kali on 2024/07/07) (version 1)
Result: ✔ Passed
$ python3 ssh-audit.py -T tmp -P test.pol -j | jq .
[
{
"errors": [],
"host": "kali",
"passed": true,
"policy": "Custom Policy (based on kali on 2024/07/07) (version 1)"
},
{
"errors": [],
"host": "kali",
"passed": true,
"policy": "Custom Policy (based on kali on 2024/07/07) (version 1)"
}
]
I believe this was fixed in https://github.com/jtesta/ssh-audit/commit/dcbc43acdf6f47c644ab8e1cfc664863f3e86c94. But if this doesn't solve the problem for you, please re-open this issue.
Thanks for reporting!
