%global _empty_manifest_terminate_build 0 Name: python-ssh-mitm Version: 3.0.2 Release: 1 Summary: ssh mitm server for security audits supporting publickey authentication, session hijacking and file manipulation License: GNU General Public License v3 (GPLv3) URL: https://www.ssh-mitm.at Source0: https://mirrors.nju.edu.cn/pypi/web/packages/06/d5/1ba6c77847886f44d5c2137f326b80078a1b4e261e53b03a75fbeb8a41f3/ssh-mitm-3.0.2.tar.gz BuildArch: noarch Requires: python3-argcomplete Requires: python3-paramiko Requires: python3-pytz Requires: python3-sshpubkeys Requires: python3-pyyaml Requires: python3-packaging Requires: python3-colored Requires: python3-rich %description

SSH-MITM - ssh audits made simple

SSH-MITM intercepting password login

ssh man-in-the-middle (ssh-mitm) server for security audits supporting
publickey authentication, session hijacking and file manipulation

Get it from the Snap Store

Contributors

## Table of Contents - [Introduction](#introduction) - [Features](#features) - [Installation](#installation) - [Quickstart](#quickstart) - [Session hijacking](#session-hijacking) - [Phishing FIDO Tokens](#phishing-fido-tokens) - [Contributing](#contributing) - [Contact](#contact) ## Introduction [![Downloads](https://pepy.tech/badge/ssh-mitm)](https://pepy.tech/project/ssh-mitm) [![CodeFactor](https://www.codefactor.io/repository/github/ssh-mitm/ssh-mitm/badge)](https://www.codefactor.io/repository/github/ssh-mitm/ssh-mitm) [![Documentation Status](https://readthedocs.org/projects/ssh-mitm/badge/?version=latest)](https://docs.ssh-mitm.at/?badge=latest) [![GitHub](https://img.shields.io/github/license/ssh-mitm/ssh-mitm?color=%23434ee6)](https://github.com/ssh-mitm/ssh-mitm/blob/master/LICENSE) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com) **SSH-MITM** is a man in the middle SSH Server for security audits and malware analysis. Password and **publickey authentication** are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication. When publickey authentication is possible, a forwarded agent is needed to login to the remote server. In cases, when no agent was forwarded, SSH-MITM can rediredt the session to a honeypot.

(back to top)

## Features * publickey authentication * accept same key as destination server * Phishing FIDO Tokens ([Information from OpenSSH](https://www.openssh.com/agent-restrict.html)) * hijacking and logging of terminal sessions * store and replace files during SCP/SFTP file transferes * port porwarding * SOCKS 4/5 support for dynamic port forwarding * intercept MOSH connections * audit clients against known vulnerabilities * plugin support

(back to top)

## Installation **SSH-MITM** can be installed as a [Ubuntu Snap](https://snapcraft.io/ssh-mitm), [PIP-Package](https://pypi.org/project/ssh-mitm/), [AppImage](https://github.com/ssh-mitm/ssh-mitm/releases/latest), [Nix](https://search.nixos.org/packages?channel=unstable&show=ssh-mitm&type=packages&query=ssh-mitm) and even runs on **[Android devices](https://github.com/ssh-mitm/ssh-mitm/discussions/83#discussioncomment-1531873)** # install ssh-mitm as snap package $ sudo snap install ssh-mitm # install ssh-mitm as python pip package $ python3 -m pip install ssh-mitm # install as Nix package $ nix-env -iA nixos.ssh-mitm

(back to top)

## Quickstart To start SSH-MITM, all you have to do is run this command in your terminal of choice. $ ssh-mitm server --remote-host 192.168.0.x Now let's try to connect. SSH-MITM is listening on port 10022. $ ssh -p 10022 testuser@proxyserver You will see the credentials in the log output. INFO Remote authentication succeeded Remote Address: 127.0.0.1:22 Username: testuser Password: secret Agent: no agent

(back to top)

## Session hijacking Getting the plain text credentials is only half the fun. When a client connects, the ssh-mitm starts a new server, which is used for session hijacking. INFO ℹ created mirrorshell on port 34463. connect with: ssh -p 34463 127.0.0.1 To hijack the session, you can use your favorite ssh client. $ ssh -p 34463 127.0.0.1 Try to execute somme commands in the hijacked session or in the original session. The output will be shown in both sessions.

(back to top)

## Phishing FIDO Tokens SSH-MITM is able to phish FIDO2 Tokens which can be used for 2 factor authentication. The attack is called [trivial authentication](https://docs.ssh-mitm.at/trivialauth.html) ([CVE-2021-36367](https://docs.ssh-mitm.at/CVE-2021-36367.html), [CVE-2021-36368](https://docs.ssh-mitm.at/CVE-2021-36368.html)) and can be enabled with the command line argument `--enable-trivial-auth`. ssh-mitm server --enable-trivial-auth Using the trivial authentication attack does not break password authentication, because the attack is only performed when a publickey login is possible.

Video explaining the phishing attack:
Click to view video on vimeo.com
Click to view video on vimeo.com

Downlaod presentation slides

(back to top)

## Contributing Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**. If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again! 1. Fork the Project 2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`) 3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`) 4. Push to the Branch (`git push origin feature/AmazingFeature`) 5. Open a Pull Request See also the list of [contributors](https://github.com/ssh-mitm/ssh-mitm/graphs/contributors) who participated in this project.

(back to top)

## Contact - E-Mail: support@ssh-mitm.at - [Issue Tracker](https://github.com/ssh-mitm/ssh-mitm/issues)

(back to top)

%package -n python3-ssh-mitm Summary: ssh mitm server for security audits supporting publickey authentication, session hijacking and file manipulation Provides: python-ssh-mitm BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: python3-pip %description -n python3-ssh-mitm

SSH-MITM - ssh audits made simple

SSH-MITM intercepting password login

ssh man-in-the-middle (ssh-mitm) server for security audits supporting
publickey authentication, session hijacking and file manipulation

Get it from the Snap Store

Contributors

## Table of Contents - [Introduction](#introduction) - [Features](#features) - [Installation](#installation) - [Quickstart](#quickstart) - [Session hijacking](#session-hijacking) - [Phishing FIDO Tokens](#phishing-fido-tokens) - [Contributing](#contributing) - [Contact](#contact) ## Introduction [![Downloads](https://pepy.tech/badge/ssh-mitm)](https://pepy.tech/project/ssh-mitm) [![CodeFactor](https://www.codefactor.io/repository/github/ssh-mitm/ssh-mitm/badge)](https://www.codefactor.io/repository/github/ssh-mitm/ssh-mitm) [![Documentation Status](https://readthedocs.org/projects/ssh-mitm/badge/?version=latest)](https://docs.ssh-mitm.at/?badge=latest) [![GitHub](https://img.shields.io/github/license/ssh-mitm/ssh-mitm?color=%23434ee6)](https://github.com/ssh-mitm/ssh-mitm/blob/master/LICENSE) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com) **SSH-MITM** is a man in the middle SSH Server for security audits and malware analysis. Password and **publickey authentication** are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication. When publickey authentication is possible, a forwarded agent is needed to login to the remote server. In cases, when no agent was forwarded, SSH-MITM can rediredt the session to a honeypot.

(back to top)

## Features * publickey authentication * accept same key as destination server * Phishing FIDO Tokens ([Information from OpenSSH](https://www.openssh.com/agent-restrict.html)) * hijacking and logging of terminal sessions * store and replace files during SCP/SFTP file transferes * port porwarding * SOCKS 4/5 support for dynamic port forwarding * intercept MOSH connections * audit clients against known vulnerabilities * plugin support

(back to top)

## Installation **SSH-MITM** can be installed as a [Ubuntu Snap](https://snapcraft.io/ssh-mitm), [PIP-Package](https://pypi.org/project/ssh-mitm/), [AppImage](https://github.com/ssh-mitm/ssh-mitm/releases/latest), [Nix](https://search.nixos.org/packages?channel=unstable&show=ssh-mitm&type=packages&query=ssh-mitm) and even runs on **[Android devices](https://github.com/ssh-mitm/ssh-mitm/discussions/83#discussioncomment-1531873)** # install ssh-mitm as snap package $ sudo snap install ssh-mitm # install ssh-mitm as python pip package $ python3 -m pip install ssh-mitm # install as Nix package $ nix-env -iA nixos.ssh-mitm

(back to top)

## Quickstart To start SSH-MITM, all you have to do is run this command in your terminal of choice. $ ssh-mitm server --remote-host 192.168.0.x Now let's try to connect. SSH-MITM is listening on port 10022. $ ssh -p 10022 testuser@proxyserver You will see the credentials in the log output. INFO Remote authentication succeeded Remote Address: 127.0.0.1:22 Username: testuser Password: secret Agent: no agent

(back to top)

## Session hijacking Getting the plain text credentials is only half the fun. When a client connects, the ssh-mitm starts a new server, which is used for session hijacking. INFO ℹ created mirrorshell on port 34463. connect with: ssh -p 34463 127.0.0.1 To hijack the session, you can use your favorite ssh client. $ ssh -p 34463 127.0.0.1 Try to execute somme commands in the hijacked session or in the original session. The output will be shown in both sessions.

(back to top)

## Phishing FIDO Tokens SSH-MITM is able to phish FIDO2 Tokens which can be used for 2 factor authentication. The attack is called [trivial authentication](https://docs.ssh-mitm.at/trivialauth.html) ([CVE-2021-36367](https://docs.ssh-mitm.at/CVE-2021-36367.html), [CVE-2021-36368](https://docs.ssh-mitm.at/CVE-2021-36368.html)) and can be enabled with the command line argument `--enable-trivial-auth`. ssh-mitm server --enable-trivial-auth Using the trivial authentication attack does not break password authentication, because the attack is only performed when a publickey login is possible.

Video explaining the phishing attack:
Click to view video on vimeo.com
Click to view video on vimeo.com

Downlaod presentation slides

(back to top)

## Contributing Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**. If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again! 1. Fork the Project 2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`) 3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`) 4. Push to the Branch (`git push origin feature/AmazingFeature`) 5. Open a Pull Request See also the list of [contributors](https://github.com/ssh-mitm/ssh-mitm/graphs/contributors) who participated in this project.

(back to top)

## Contact - E-Mail: support@ssh-mitm.at - [Issue Tracker](https://github.com/ssh-mitm/ssh-mitm/issues)

(back to top)

%package help Summary: Development documents and examples for ssh-mitm Provides: python3-ssh-mitm-doc %description help

SSH-MITM - ssh audits made simple

SSH-MITM intercepting password login

ssh man-in-the-middle (ssh-mitm) server for security audits supporting
publickey authentication, session hijacking and file manipulation

Get it from the Snap Store

Contributors

## Table of Contents - [Introduction](#introduction) - [Features](#features) - [Installation](#installation) - [Quickstart](#quickstart) - [Session hijacking](#session-hijacking) - [Phishing FIDO Tokens](#phishing-fido-tokens) - [Contributing](#contributing) - [Contact](#contact) ## Introduction [![Downloads](https://pepy.tech/badge/ssh-mitm)](https://pepy.tech/project/ssh-mitm) [![CodeFactor](https://www.codefactor.io/repository/github/ssh-mitm/ssh-mitm/badge)](https://www.codefactor.io/repository/github/ssh-mitm/ssh-mitm) [![Documentation Status](https://readthedocs.org/projects/ssh-mitm/badge/?version=latest)](https://docs.ssh-mitm.at/?badge=latest) [![GitHub](https://img.shields.io/github/license/ssh-mitm/ssh-mitm?color=%23434ee6)](https://github.com/ssh-mitm/ssh-mitm/blob/master/LICENSE) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com) **SSH-MITM** is a man in the middle SSH Server for security audits and malware analysis. Password and **publickey authentication** are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication. When publickey authentication is possible, a forwarded agent is needed to login to the remote server. In cases, when no agent was forwarded, SSH-MITM can rediredt the session to a honeypot.

(back to top)

## Features * publickey authentication * accept same key as destination server * Phishing FIDO Tokens ([Information from OpenSSH](https://www.openssh.com/agent-restrict.html)) * hijacking and logging of terminal sessions * store and replace files during SCP/SFTP file transferes * port porwarding * SOCKS 4/5 support for dynamic port forwarding * intercept MOSH connections * audit clients against known vulnerabilities * plugin support

(back to top)

## Installation **SSH-MITM** can be installed as a [Ubuntu Snap](https://snapcraft.io/ssh-mitm), [PIP-Package](https://pypi.org/project/ssh-mitm/), [AppImage](https://github.com/ssh-mitm/ssh-mitm/releases/latest), [Nix](https://search.nixos.org/packages?channel=unstable&show=ssh-mitm&type=packages&query=ssh-mitm) and even runs on **[Android devices](https://github.com/ssh-mitm/ssh-mitm/discussions/83#discussioncomment-1531873)** # install ssh-mitm as snap package $ sudo snap install ssh-mitm # install ssh-mitm as python pip package $ python3 -m pip install ssh-mitm # install as Nix package $ nix-env -iA nixos.ssh-mitm

(back to top)

## Quickstart To start SSH-MITM, all you have to do is run this command in your terminal of choice. $ ssh-mitm server --remote-host 192.168.0.x Now let's try to connect. SSH-MITM is listening on port 10022. $ ssh -p 10022 testuser@proxyserver You will see the credentials in the log output. INFO Remote authentication succeeded Remote Address: 127.0.0.1:22 Username: testuser Password: secret Agent: no agent

(back to top)

## Session hijacking Getting the plain text credentials is only half the fun. When a client connects, the ssh-mitm starts a new server, which is used for session hijacking. INFO ℹ created mirrorshell on port 34463. connect with: ssh -p 34463 127.0.0.1 To hijack the session, you can use your favorite ssh client. $ ssh -p 34463 127.0.0.1 Try to execute somme commands in the hijacked session or in the original session. The output will be shown in both sessions.

(back to top)

## Phishing FIDO Tokens SSH-MITM is able to phish FIDO2 Tokens which can be used for 2 factor authentication. The attack is called [trivial authentication](https://docs.ssh-mitm.at/trivialauth.html) ([CVE-2021-36367](https://docs.ssh-mitm.at/CVE-2021-36367.html), [CVE-2021-36368](https://docs.ssh-mitm.at/CVE-2021-36368.html)) and can be enabled with the command line argument `--enable-trivial-auth`. ssh-mitm server --enable-trivial-auth Using the trivial authentication attack does not break password authentication, because the attack is only performed when a publickey login is possible.

Video explaining the phishing attack:
Click to view video on vimeo.com
Click to view video on vimeo.com

Downlaod presentation slides

(back to top)

## Contributing Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**. If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again! 1. Fork the Project 2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`) 3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`) 4. Push to the Branch (`git push origin feature/AmazingFeature`) 5. Open a Pull Request See also the list of [contributors](https://github.com/ssh-mitm/ssh-mitm/graphs/contributors) who participated in this project.

(back to top)

## Contact - E-Mail: support@ssh-mitm.at - [Issue Tracker](https://github.com/ssh-mitm/ssh-mitm/issues)

(back to top)

%prep %autosetup -n ssh-mitm-3.0.2 %build %py3_build %install %py3_install install -d -m755 %{buildroot}/%{_pkgdocdir} if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi pushd %{buildroot} if [ -d usr/lib ]; then find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/lib64 ]; then find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/bin ]; then find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/sbin ]; then find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst fi touch doclist.lst if [ -d usr/share/man ]; then find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst fi popd mv %{buildroot}/filelist.lst . mv %{buildroot}/doclist.lst . %files -n python3-ssh-mitm -f filelist.lst %dir %{python3_sitelib}/* %files help -f doclist.lst %{_docdir}/* %changelog * Tue May 30 2023 Python_Bot - 3.0.2-1 - Package Spec generated