{"id":23148719,"url":"https://github.com/rub-nds/terrapin-scanner","last_synced_at":"2025-05-16T14:04:30.455Z","repository":{"id":213143095,"uuid":"730764361","full_name":"RUB-NDS/Terrapin-Scanner","owner":"RUB-NDS","description":"This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper \"Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation\".","archived":false,"fork":false,"pushed_at":"2024-03-17T02:19:21.000Z","size":63,"stargazers_count":967,"open_issues_count":5,"forks_count":66,"subscribers_count":13,"default_branch":"main","last_synced_at":"2025-04-12T10:57:50.159Z","etag":null,"topics":["attack","cryptography","ssh","vulnerability","vulnerability-scanner"],"latest_commit_sha":null,"homepage":"https://terrapin-attack.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RUB-NDS.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-12-12T16:12:18.000Z","updated_at":"2025-04-11T11:39:38.000Z","dependencies_parsed_at":"2023-12-18T21:05:41.990Z","dependency_job_id":"ae8ed311-c225-4b5c-b966-445241c9d86a","html_url":"https://github.com/RUB-NDS/Terrapin-Scanner","commit_stats":null,"previous_names":["rub-nds/terrapin-scanner"],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RUB-NDS%2FTerrapin-Scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RUB-NDS%2FTerrapin-Scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RUB-NDS%2FTerrapin-Scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RUB-NDS%2FTerrapin-Scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RUB-NDS","download_url":"https://codeload.github.com/RUB-NDS/Terrapin-Scanner/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254544146,"owners_count":22088807,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack","cryptography","ssh","vulnerability","vulnerability-scanner"],"created_at":"2024-12-17T17:12:48.122Z","updated_at":"2025-05-16T14:04:30.436Z","avatar_url":"https://github.com/RUB-NDS.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Terrapin Vulnerability Scanner\n\nThe Terrapin Vulnerability Scanner is a small utility program written in Go, which can be used to determine the vulnerability of an SSH client or server against the [Terrapin Attack](https://terrapin-attack.com). The vulnerability scanner requires a single connection with the peer to gather all supported algorithms. However, it does not perform a fully fledged SSH key exchange, will never attempt authentication on a server, and does not perform the attack in practice. Instead, vulnerability is determined by checking the supported algorithms and support for known countermeasures (strict key exchange). This may falsely claim vulnerability in case the peer supports countermeasures unknown to this tool.\n\n## Running\n\nFor convenience, we are providing pre-compiled binaries for all major desktop platforms. These can be found on the [Release page](https://github.com/RUB-NDS/Terrapin-Scanner/releases/latest). We have also provided a Docker image that supports most of the major architectures. This image can be run as:\n\n```bash\ndocker run --rm -it ghcr.io/rub-nds/terrapin-scanner \u003cargs\u003e\n```\n\n\u003e [!IMPORTANT]  \n\u003e Note that when running the Terrapin Vulnerability Scanner inside a Docker container, the tool will bind to the container's localhost when specifying `--listen` with port only. To avoid connectivity issues, add `0.0.0.0` as its bind address and map the container's port to the host via Docker's `-p` argument.\n\u003e\n\u003e The following command will make the Terrapin Vulnerability Scanner available at port 2222 on the host system's localhost:\n\u003e ```bash\n\u003e docker run --rm -it -p localhost:2222:2222 ghcr.io/rub-nds/terrapin-scanner --listen 0.0.0.0:2222\n\u003e ```\n\n## Building\n\nHowever, we understand that you might prefer building tools that connect to your SSH server yourself. To do this, ensure that you have at least Go v1.18 installed. To compile and install the Terrapin Vulnerability Scanner Go package, run the command below.\n\n```bash\ngo install github.com/RUB-NDS/Terrapin-Scanner@latest\n```\n\nThis will download, compile, and install the Go package for your local system. The compiled binary will become available at `$GOBIN/Terrapin-Scanner`. If the `GOBIN` environment variable is not set, Go will default to using `$GOPATH/bin` or `$HOME/go/bin`, depending on whether the `$GOPATH` environment variable is set.\n\nYou can also build the Docker image yourself by running the commands below.\n\n```bash\ngit clone https://github.com/RUB-NDS/Terrapin-Scanner.git\ndocker build -t terrapin-scanner Terrapin-Scanner\n```\n\n## Usage\n\n```bash\n# Scan the SSH server available at localhost port 2222\n./Terrapin-Scanner --connect localhost:2222\n\n# If no port is specified, the tool will default to port 22 instead\n./Terrapin-Scanner --connect localhost\n\n# To scan an SSH client, specify the listen command instead\n# After running the command, you will need to connect with your SSH client to port 2222\n./Terrapin-Scanner --listen 0.0.0.0:2222\n\n# When binding to localhost, you can omit the interface address\n# The following command will listen for incoming connections on 127.0.0.1:2222\n./Terrapin-Scanner --listen 2222\n```\n\nThe scanner supports outputting the scan result as json. To do so, provide the `--json` flag when calling the scanner. The output is structured as follows:\n\n```json\n{\n    \"RemoteAddr\": \"127.0.0.1:22\",\n    \"IsServer\": true,\n    \"Banner\": \"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.5\",\n    \"SupportsChaCha20\": true,\n    \"SupportsCbcEtm\": false,\n    \"SupportsStrictKex\": true,\n    \"Vulnerable\": false\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frub-nds%2Fterrapin-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frub-nds%2Fterrapin-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frub-nds%2Fterrapin-scanner/lists"}