SSH MITM

This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard the warning and continue on. NOTE: Only run the modified sshd_mitm in a VM or container! Ad-hoc edits were made to the OpenSSH sources in critical regions, with no regard to their security implications. Its not hard to imagine these edits introduce serious vulnerabilities.

Features

The quickest & easiest way to get started is to use the Docker image with SSH MITM pre-built
Find targets on the LAN, and ARP spoof them
Shell and SFTP sessions will be logged in the ssh_mitm_logs directory
To test out changes to the OpenSSH source code, use the dev/redeploy.sh script
To re-generate a full patch to the OpenSSH sources, use the dev/regenerate_patch.sh script
Only run the modified sshd_mitm in a VM or container

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow SSH MITM

SSH MITM Web Site

Other Useful Business Software

MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.

Start Free

Rate This Project

User Reviews

Be the first to post a review of SSH MITM!

Additional Project Details

Programming Language

Related Categories

C MiTM (Man-in-The-Middle) Attack Tool

Registered

2023-08-14

Similar Business Software

Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software
Carbide

Carbide is a tech-enabled service that strengthens your company’s information security and privacy management capabilities. Our platform and expert services are tailored for companies aiming for a sophisticated security posture, particularly valuable for organizations that must meet rigorous...

See Software
Caido

Caido is a modern web security toolkit designed for pentesters, bug bounty hunters, and security teams who need an efficient and customizable solution for web application testing. Caido features a powerful intercept proxy for capturing and manipulating HTTP requests, replay functionality for...

See Software
Defendify

Founded in 2017, Defendify is pioneering All-In-One Cybersecurity® for organizations with growing security needs, backed by experts offering ongoing guidance and support. Delivering multiple layers of protection, Defendify provides an easy-to-use platform designed to strengthen...

See Software
Silent Armor

Silent Armor is an AI-powered perimeter defense platform designed to predict and prevent cyber breaches before they occur. It continuously analyzes hundreds of security metrics across an organization’s attack surface to deliver real-time, intelligent protection. The platform combines predictive...

See Software