ssh-mitm
BDFProxy
Our great sponsors
ssh-mitm | BDFProxy | |
---|---|---|
42 | 2 | |
1,211 | 975 | |
2.0% | - | |
8.8 | 0.0 | |
6 days ago | over 2 years ago | |
Python | Python | |
GNU General Public License v3.0 only | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssh-mitm
-
Terrapin Attack for prefix injection in SSH
There is now an issue ticket in ssh-mitm to discuss the similarities between ssh-mitm and terrapin attack: https://github.com/ssh-mitm/ssh-mitm/issues/165
-
SSH-MITM - Support for OpenSSH's certificate authority planned
You should check the Revisionhistory of the Readme file first.. https://github.com/ssh-mitm/ssh-mitm/commit/564028af25c395528446fbb679c7392469d59bfd
-
SSH-MitM 2.0.0 – Licence change to GPLv3
According to the commit log this is the license the repo was created with in 2020[0] title should be "SSH-MitM doesn't change it's license". Just a point fishing attempt? It does seem to be undoing a customized wording of the GPLv3 from Dec/2020[1]
[0]: https://github.com/ssh-mitm/ssh-mitm/commit/f4263d19211f080f...
The “customized wording” you’re seeing is “The LGPL”. It’s a different license from the GPL.
The history on the repo shows that the original license was GPL (June 2020), the author changed the license to LGPL (December 2022), and now they’re changing it to GPL again. https://github.com/ssh-mitm/ssh-mitm/commits/master/LICENSE
-
GitHub - Developers Support Ukraine
I have already added a badge to my repository: https://github.com/ssh-mitm/ssh-mitm
-
SSH – Spoofing FIDO2 Tokens
Tangential: I found the documentation for this at https://docs.ssh-mitm.at/ to be good since it went into the underlying concepts and working in some detail. As someone who uses ssh with key based authentication but hasn’t learned this at a deeper level — neither ssh nor the configuration (security, usability, etc.) — what are some good tutorials and sources to follow (I think text with diagrams and/or videos would be helpful)?
-
SSH Agent Forwarding - What are the best practices and current security issues?
Disclosure: I'm the author of SSH-MITM and the patch for PuTTY to disable trivial authentication. I want to provide more information on how to protect ssh sessions and avoid security problems.
BDFProxy
-
quicklisp security (or total lack of it)
for same sort of thing but not lisp, see backdoor factory that will backdoor any .exe you download over connection that attacker is MITMing. attacker doesn't need to know what specific library you will download from quicklisp, they write a mitmproxy script like that so for any download from quicklisp.org, it opens the .tar.gz, adds some malicious lisp to it (probably that just executes shell command to download and execute their normal malware, password stealer or whatever as I don't think they going to write full malware in lisp), repack it as .tar.gz you were requesting and serve it to you. It's not the same issue as phishing where they email saying please open and run attachment.exe and you click through all the warnings that you are doing something dangerous and about to run untrusted code. You just use quicklisp as you normally do, if you install any package, when an attacker can MITM your connection they can run code on your computer. Yes that is sometimes also possible with browser exploit but browsers have multiple layers of sandbox and protections against it, and when someone finds a vulnerability that gets through it is treated as a serious vulnerability to fix. some of this thread seems people saying well nothing is perfectly secure a sufficiently pacient, skilled, well-funded attacker can always get through somehow, so it doesn't matter raising the bar off the floor by not using http unverified to download code we run on people's computer
What are some alternatives?
the-backdoor-factory - Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors
cowrie - Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
docker-sshd - Minimal Alpine Linux Docker image with sshd exposed and rsync installed
sftpretty - Provides multi-threaded routines and high level protocol abstractions for a pretty quick & simple file transfer experience. Drop in replacement for pysftp.
super-auto-pets - A tool to allow for viewing of arbitrary Super Auto Pets replays
dit - DIT is a DTLS MitM proxy implemented in Python 3. It can intercept, manipulate and suppress datagrams between two DTLS endpoints and supports psk-based and certificate-based authentication schemes (RSA + ECC).
mitm - 👨🏼💻 A customizable man-in-the-middle TCP intercepting proxy.
openssh-portable - Portable OpenSSH
ssh-mitm - SSH man-in-the-middle tool
codecat - CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Beta version.
proxy.py - ⚡ Fast • 🪶 Lightweight • 0️⃣ Dependency • 🔌 Pluggable • 😈 TLS interception • 🔒 DNS-over-HTTPS • 🔥 Poor Man's VPN • ⏪ Reverse & ⏩ Forward • 👮🏿 "Proxy Server" framework • 🌐 "Web Server" framework • ➵ ➶ ➷ ➠ "PubSub" framework • 👷 "Work" acceptor & executor framework