Skip to content
Attack SSHD
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE first commit Sep 24, 2015
README.md Update README.md May 23, 2019
sshd.go log the pubkey type too May 22, 2019

README.md

atsshd

An sshd that logs passwords and pubkey auth attempts. It can also bruteforce attackers with their own passwords.

Description

atsshd listens for incoming SSH connections and logs the username, password, and/or pubkey fingerprint. It has an attack mode option where it will try the username/password combo against the attacker IP in realtime, as the credentials come in. All incoming authentication attempts will always fail. The sshd will not attack 127.0.0.1 in order to avoid loops.

$ ./atsshd --help
Usage of ./atsshd:
  -A	enable attack mode
  -b banner
    	SSH server banner (default "SSH-2.0-OpenSSH_6.1p2")
  -h file
    	SSH server host key PEM files
  -l file
    	output log file
  -p port
    	port to listen on (default 22)

In attack mode, the attacker will get attacked serially. If 3 network failures happen in a row, we give up on attacking and just log the incoming passwords.

Disclaimer

This tool is for demonstration purposes only

You can’t perform that action at this time.