by hdmoore on 8/10/24, 11:55 PM with 30 comments
by hdmoore on 8/10/24, 11:55 PM
This presentation dives deep into the Secure Shell protocol, its popular implementations, what's changed, what hasn't, and how this leads to unexpected vulnerabilities and novel attacks. An open source tool, dubbed "sshamble", will be demonstrated, which reproduces these attacks and opens the door for further research.
by transpute on 8/11/24, 9:00 AM
> SPA requires only a single packet which is encrypted, non-replayable, and authenticated via an HMAC in order to communicate desired access to a service that is hidden behind a firewall in a default-drop filtering stance. The main application of SPA is to use a firewall to drop all attempts to connect to services such as SSH in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) more difficult.
by mrbluecoat on 8/11/24, 3:32 PM
I wonder how TinySSH[1] compares
by tzury on 8/11/24, 2:27 PM
by metadat on 8/11/24, 3:50 PM
It reminds me of the DeLorean dashboard in Back To The Future :)
by davidfiala on 8/13/24, 6:15 PM
As the founder of teclada.com, I'll also share that one of the biggest risks is not even technical but human:
- not managing your SSH keys properly
- not even knowing where they are
- reuse, copying, etc
- forgotten placement of keys in authorized_keys
- "no way I'm going to even consider changing any of it"
- "our audit logs are .bash_history"