README
¶
atsshd
An sshd that logs passwords and pubkey auth attempts. It can also bruteforce attackers with their own passwords.
Description
atsshd listens for incoming SSH connections and logs the username, password, and/or pubkey fingerprint. It has an attack mode option where it will try the username/password combo against the attacker IP in realtime, as the credentials come in. All incoming authentication attempts will always fail. The sshd will not attack 127.0.0.1 in order to avoid loops.
$ atsshd --help
Usage of atsshd:
-A enable attack mode
-b banner
SSH server banner (default "SSH-2.0-OpenSSH_7.4p1")
-k file
SSH server host key PEM files
-l file
output log file
-p port
port to listen on (default 22)
-s source
source IP of interface to bind to
In attack mode, the attacker will get attacked serially. If 3 network failures happen in a row, we give up on attacking and just log the incoming passwords.
Disclaimer
This tool is for demonstration purposes only
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
// If true, then we attack incoming clients with their own passwords
EnableAttack bool
// Banner for the SSHD to use.
// If empty, then "SSH-2.0-OpenSSH_7.4p1" is used.
Banner string
// Hostkey file names.
// If none provided, then a 2048 bit RSA key is generated
PEMFiles []string
// If empty, the default log output is to os.Stderr
Output io.Writer
}
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.