Skip to content
/ ssh-default-banners Public

Nmap NSE script to identify Debian, Ubuntu, FreeBSD version based on default SSH banner response. Intended for Penentration Testing, OSCP/PWK, HackTheBox (HTB), TryHackMe, RootMe

License

MIT license
32 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

richlamdev/ssh-default-banners

5 Branches0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

richlamdevrichlamdev
Merge pull request #8 from richlamdev/ubuntu-25.04
Apr 19, 2025
60c5f92 · Apr 19, 2025

History

57 Commits
.gitignore
.gitignore
Apr 25, 2024
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
Oct 14, 2022
CONTRIBUTING.md
CONTRIBUTING.md
Oct 14, 2022
LICENSE
LICENSE
Oct 14, 2022
README.md
README.md
Apr 19, 2025
debian_tsv.txt
debian_tsv.txt
Jun 12, 2023
freebsd_tsv.txt
freebsd_tsv.txt
Mar 14, 2025
raspbian_tsv.txt
raspbian_tsv.txt
Jan 24, 2021
ssh-os.nse
ssh-os.nse
Apr 19, 2025
ubuntu_tsv.txt
ubuntu_tsv.txt
Apr 19, 2025

Repository files navigation

ssh-default-banners

Default SSH banner responses

List of default banner responses for Debian, Ubuntu, and FreeBSD

ssh-os.nse:

Identifies Ubuntu, FreeBSD, or Debian version based on response of SSH banner.

Identifies the following versions:

Ubuntu 4.10 to 25.04

FreeBSD 4.3 to 14.2-RELEASE

Debian 3.x to 12.x

Raspbian 7.x to 11.x (tentative 11.x version recognition)

Note: The accuracy of the response is based on the default banner response. A number of scenarios may provide an inaccurate result from the target host:

  • different OpenSSH version or alternative SSH server installed
  • edited/omitted banner via sshd_config
  • hexedit of OpenSSH binary; modified banner
  • recompiled OpenSSH

Usage:

nmap -p22 -sV --script ssh-os.nse <target>
  OR
nmap -p <port number> -sV --script ssh-os.nse <target>

Medium Post:

https://medium.com/@richlam.dev/nmap-ubuntu-debian-freebsd-version-discovery-ssh-oh-ece7e46af26e

Nmap Pull Request:

nmap/nmap#1728

Some banners from:

https://github.com/rapid7/recog/blob/master/xml/ssh_banners.xml

TODO:

  1. Update FreeBSD SSH banner recognition to regex entire banner response; this will better distinguish between FreeBSD versions.

  2. Migrate banner lookup references from within the script to external files. Eventually, the number of lookup tables within the script will be too unwieldly.

About

Nmap NSE script to identify Debian, Ubuntu, FreeBSD version based on default SSH banner response. Intended for Penentration Testing, OSCP/PWK, HackTheBox (HTB), TryHackMe, RootMe

Topics

ssh freebsd raspberry-pi lua debian ubuntu ssh-server hacking enumeration nmap penetration-testing openssh openssh-server network-analysis ethical-hacking oscp nse-script htb ssh-banner banner-grabbing

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

32 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages