sshamble: A research tool for SSH implementations
SSHamble is a research tool for SSH implementations that includes:
- Interesting attacks against authentication
- Post-session authentication attacks
- Pre-authentication state transitions
- Authentication timing analysis
- Post-session enumeration
SSHamble simulates potential attack scenarios, including unauthorized remote access due to unexpected state transitions, remote command execution in post-session login implementations, and information leakage through unlimited high-speed authentication requests. The SSHamble interactive shell provides raw access to SSH requests in the post-session (but pre-execution) environment, allowing for simple testing of environment controls, signal processing, port forwarding, and more.
Installation
Binaries are available from the releases page.
To build SSHamble from source, ensure that you have a recent version of Go (1.22.6+) installed.
You can use Go to install a binary into the bin directory in your GOPATH.
If you are using macOS, you may run into errors at runtime unless you disable CGO before building:
    $ export CGO_ENABLED=0
    $ go install github.com/runZeroInc/sshamble@latest
To build from source locally:
    $ git clone https://github.com/runZeroInc/sshamble
    $ cd sshamble
    $ go build -o sshamble
    $ ./sshamble -h
To enable experimental badkeys support, run the generator first:
    $ git clone https://github.com/runZeroInc/sshamble
    $ cd sshamble
    $ go generate ./...
    $ go build -o sshamble
    $ ./sshamble -h
Use
