phamasaur / openssh-backdoors

This project forked from gaspareg/openssh-backdoors

A landscape of OpenSSH backdoors - Seminar for ICT Risk Assessment exam @ UniPi

License: GNU Affero General Public License v3.0

TeX 100.00%

openssh-backdoors's Introduction

OpenSSH-Backdoors

Presentation: presentation.pdf

Index

  1. Introduction
    • SSH
    • OpenSSH Suite
    • The attackers
    • Operation Windigo
  2. Common features of OpenSSH backdoors
    • Strings and code obfuscation
    • Credential stealing
    • Exfiltration methods
    • Backdoor mode
  3. Backdoor families
    • OpenSSH backdoor galaxy
    • Chandrila
    • Bonadan
    • Kessel
    • Kamino
  4. Honeypot
    • Definition and goals
    • Honeypot structure and strategy
    • Observed interaction: Mimban
    • Observed interaction: Borleias
  5. Mitigation
    • Preventing compromise of SSH servers
    • Correct OpenSSH configuration
    • Check logs
    • Analyze network traffic
    • Detect compromised SSH tools

References

- Research Whitepaper by ESET: https://www.welivesecurity.com/wp-content/uploads/2018/12/ESET-The_Dark_Side_of_the_ForSSHe.pdf
- The Dark Side of the ForSSHe: https://www.welivesecurity.com/2018/12/05/dark-side-of-the-forsshe/
- Linux/SSHDoor.A Backdoored SSH daemon that steals passwords: https://www.welivesecurity.com/2013/01/24/linux-sshdoor-a-backdoored-ssh-daemon-that-steals-passwords/
- Operation Windigo: https://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf
- ESET discovers 12 previously undetected Linux backdoors: https://www.eset.com/int/about/newsroom/press-releases/research/eset-discovers-12-previously-undetected-linux-backdoors/
- Openssh backdoor used on compromised Linux servers: https://www.randhome.io/blog/2016/08/01/openssh-backdoor-used-on-compromised-linux-servers/

openssh-backdoors's People

Contributors

gaspareg
