Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/richlamdev/ssh-default-banners

Nmap NSE script to identify Debian, Ubuntu, FreeBSD version based on default SSH banner response. Intended for Penentration Testing, OSCP/PWK, HackTheBox (HTB), TryHackMe, RootMe
https://github.com/richlamdev/ssh-default-banners

banner-grabbing debian enumeration ethical-hacking freebsd hacking htb lua network-analysis nmap nse-script openssh openssh-server oscp penetration-testing raspberry-pi ssh ssh-banner ssh-server ubuntu

Last synced: 9 days ago
JSON representation

Nmap NSE script to identify Debian, Ubuntu, FreeBSD version based on default SSH banner response. Intended for Penentration Testing, OSCP/PWK, HackTheBox (HTB), TryHackMe, RootMe

Host: GitHub
URL: https://github.com/richlamdev/ssh-default-banners
Owner: richlamdev
License: mit
Created: 2019-09-06T22:10:45.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2024-12-26T08:51:19.000Z (about 1 month ago)
Last Synced: 2025-01-19T03:28:59.969Z (17 days ago)
Topics: banner-grabbing, debian, enumeration, ethical-hacking, freebsd, hacking, htb, lua, network-analysis, nmap, nse-script, openssh, openssh-server, oscp, penetration-testing, raspberry-pi, ssh, ssh-banner, ssh-server, ubuntu
Language: Lua
Homepage:
Size: 84 KB
Stars: 32
Watchers: 4
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

# ssh-default-banners
Default SSH banner responses

List of default banner responses for Debian, Ubuntu, and FreeBSD

## ssh-os.nse:

Identifies Ubuntu, FreeBSD, or Debian version based on response of SSH banner.

Identifies the following versions:

Ubuntu 4.10 to 24.10

FreeBSD 4.3 to 14.2-RELEASE

Debian 3.x to 12.x

Raspbian 7.x to 11.x (tentative 11.x version recognition)

Note: The accuracy of the response is based on the default banner response.
A number of scenarios may provide an inaccurate result from the target host:

* different OpenSSH version or alternative SSH server installed
* edited/omitted banner via sshd_config
* hexedit of OpenSSH binary; modified banner
* recompiled OpenSSH

#### Usage:
```
nmap -p22 -sV --script ssh-os.nse
OR
nmap -p -sV --script ssh-os.nse
```

#### Medium Post:

https://medium.com/@richlam.dev/nmap-ubuntu-debian-freebsd-version-discovery-ssh-oh-ece7e46af26e

#### Nmap Pull Request:

https://github.com/nmap/nmap/pull/1728

#### Some banners from:

https://github.com/rapid7/recog/blob/master/xml/ssh_banners.xml

#### TODO:

1. Update FreeBSD SSH banner recognition to regex entire banner response; this
will better distinguish between FreeBSD versions.

2. Migrate banner lookup references from within the script to external files.
Eventually, the number of lookup tables within the script will be too unwieldly.