Remove the exxxit command #41

Closed
ghost opened this issue May 27, 2014 · 4 comments
ghost commented May 27, 2014

From nicolas.surribas on May 27, 2011 17:52:39

Hello!

The file commands/base.py contains a command called 'exxxit' 'for testing purposes' that can be used by attackers to detect if they are on a Kippo server or on a normal SSH server.

I suggest removing this command from the source code.

Original issue: http://code.google.com/p/kippo/issues/detail?id=41

ghost commented May 27, 2014

From desaster on May 27, 2011 10:54:13

There are many ways to detect kippo, as it's very far from a real system. My plan is to fix these as soon as I see them being used in the wild. So far I've never seen the 'exxxit' command being used by the attackers.

The purpose of the 'exxxit' command is for the administrators to be able to exit from the kippo instance without getting caught by the trick where kippo actually doesn't exit when you type 'exit'.

Now this isn't really that important to keep in there, and I might remove it anyway. In fact, maybe I'll make it work only from 127.0.0.1 or something. It's there just for my own convenience :)

Hmm.. ok.. instead of closing this as WontFix, let's keep it open until I fix it like that :)

Thanks for your bug report, much appreciated!

Status: Accepted

ghost commented May 27, 2014

From nicolas.surribas on May 27, 2011 14:01:28

I like the idea of the command only accessed by 127.0.0.1 ;-)

ghost commented May 27, 2014

From MichaelNargang on September 12, 2012 20:39:53

Maybe you could make the command user-definable in the config?

ghost commented May 27, 2014

From desaster on November 10, 2012 06:45:28

exxxit now only available if the client ip is 127.0.0.*

Status: Fixed
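
The fix discussed in this thread, as an added sketch that is not Kippo's own code: the admin-only command is honoured only for clients in 127.0.0.*, and every other client gets exactly the reply an unknown command would get, so the command no longer distinguishes the honeypot from a real host. The names `is_loopback_client`, `dispatch` and `NOT_FOUND`, the reply text and the simplified handling of `exit` are assumptions made for illustration.

```python
import ipaddress

# Range named in the fix above: 127.0.0.* (a /24, not the whole 127.0.0.0/8).
ADMIN_NET = ipaddress.ip_network("127.0.0.0/24")
ADMIN_EXIT = "exxxit"
# Constructed reply text; a real deployment must match its emulated shell exactly.
NOT_FOUND = "bash: {}: command not found"


def is_loopback_client(client_ip: str) -> bool:
    """True only when the peer address parses and falls inside 127.0.0.*."""
    try:
        addr = ipaddress.ip_address(client_ip.strip())
    except ValueError:
        return False  # unparsable peer address: fail closed
    # A dual-stack listener may report an IPv4 peer as ::ffff:a.b.c.d.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr in ADMIN_NET  # other IPv6 addresses (including ::1) are rejected


def dispatch(line: str, client_ip: str):
    """Return (output, session_closed) for one command line (hypothetical dispatcher)."""
    parts = line.split()
    if not parts:
        return ("", False)
    name = parts[0]
    if name == "exit":
        # Simplified stand-in for the honeypot trick: the session stays open.
        return ("", False)
    if name == ADMIN_EXIT and is_loopback_client(client_ip):
        return ("", True)  # real exit, administrators on loopback only
    # Remote 'exxxit' falls through to the same path as any unknown command.
    return (NOT_FOUND.format(name), False)


if __name__ == "__main__":
    # Constructed sample peers: loopback, mapped loopback, 127.0.1.1, TEST-NET-3.
    for ip in ("127.0.0.1", "::ffff:127.0.0.1", "127.0.1.1", "203.0.113.7"):
        print(ip, dispatch("exxxit", ip))
```

The check must be made against the peer address of the accepted connection, not against anything the client can supply.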

ghost closed this as completed May 27, 2014