sshamble: A research tool for SSH implementations
sshamble
SSHamble is a research tool for SSH implementations that includes:
- Interesting attacks against authentication
- Post-session authentication attacks
- Pre-authentication state transitions
- Authentication timing analysis
- Post-session enumeration
SSHamble simulates potential attack scenarios, including unauthorized remote access due to unexpected state transitions, remote command execution in post-session login implementations, and information leakage through unlimited high-speed authentication requests. The SSHamble interactive shell provides raw access to SSH requests in the post-session (but pre-execution) environment, allowing for simple testing of environment controls, signal processing, port forwarding, and more.
Installation
Binaries are available from the releases page.
To build SSHamble from source, ensure that you have a recent version of Go (1.22.6+) installed.
You can use Go to install a binary into the bin directory in your GOPATH.
If you are using macOS, you may run into errors at runtime unless you disable CGO before building:
To build from source locally:
To enable experimental badkeys support, run the generator first:
Use
