From: David Wolever (wolever.lists@gmail.com)
Date: Mon Jan 23 2006 - 22:01:57 EST
I would imagine an SSH MITM tool would not be terribly popular. You
can see why if you try and connect to a host who's encryption key has
changed since you last connected (you have to manually edit
~/.ssh/known_hosts before SSH will connect). Very few people will
just shrug that off the way they would, say "The certificate provided
by this web page is invalid [Yes] [No]". Actually, that's what Putty
does... but that's beside the point >_~
I would imagine, if you need to somehow attack SSH, it might be
slightly easier to simply re-direct the connection to your machine
(arp spoof, DNS hijack, what ever floats your boat) then just accept
the connection yourself. All it would get you is the user's password
(unless they are using key-based authentication), but its better than
nothing.
Just my thoughts on the matter...
David
On 1/21/06, Cedric Foll <cedric.foll@ac-rouen.fr> wrote:
> Hi,
>
> anyone knows a tool which is able to make a man in the middle on SSH2 ?
> I've found ssharp (http://stealth.openwall.net/SSH/) but it seem quite
> old and I failed to compile it.
>
> Anything else ?
>
>
> Regards.
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:24 EDT