Skip to content

ssh-mitm/at.ssh_mitm.server

 
 

Repository files navigation

SSH-MITM is a man in the middle (mitm) server for security audits supporting public key authentication, session hijacking and file manipulation.

Installation SSH-MITM

The first step to using any software package is getting it properly installed.

To install SSH-MITM, simply run this simple command in your terminal of choice:

$ flatpak install at.ssh_mitm.server

Connect to the network

To start an intercepting mitm-ssh server on Port 10022, all you have to do is run a single command.

# start the mitm server
$ flatpak run at.ssh_mitm.server --remote-host 192.168.0.x

# connect to the mitm server
$ ssh -p 10022 user@proxyserver

Hijack SSH sessions

When a client connects, the ssh-mitm starts a new server, which is used for session hijacking.

[INFO] created injector shell on port 34463

To hijack this session, you can use your favorite ssh client. All you have to do is to connect to the hijacked session.

$ ssh -p 34463 127.0.0.1 

Contributing

Please contribute to SSH-MITM server

Pull requests are welcome.

For major changes, please open an issue first to discuss what you would like to change.