Secure shell (SSH)

protocolsandservers2 linux2 footprinting

Secure shell (SSH) is the most commonly used protocol for getting a shell on a remote host.

🐊️ Port: 22 (TCP)

🥊 SSH can be used to create a secure connection for an insecure protocol. For instance, SFTP provides FTP-like file transfer over SSH.

Basic usage:

$ ssh username@IP
$ ssh username@IP -p port

You may use a private key instead of a password (if configured). Note that the key file must not be readable by other users: permissions 600 (or stricter), otherwise ssh refuses to use it.

$ ssh username@IP -i /path/to/id_rsa

SSH Pentester Notes ☠️

Foothold

password_attacks

  • The .ssh folder may contain an SSH key (often called id_rsa) used to connect to a host. This file may be protected by a passphrase, but with offline hash cracking we may be able to recover it.

  • Use -v to see which authentication methods the server allows, and force one that is convenient for us:

$ ssh [...] -v -o PreferredAuthentications=password

  • The password may be weak and vulnerable to brute force:

$ hydra -L user.list -P password.list ssh://IP -V -f
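The defender's side of the brute-force note above: a sliding-window detector over sshd auth.log lines. This is an added example, not part of the original notes; the log lines are constructed samples in the usual syslog + sshd format, and the thresholds (5 password failures in 60 s) are an assumption to tune per host.

```python
"""Flag SSH password brute force in sshd auth.log lines.

Added example, not from the original notes. The log lines are constructed
samples in the usual syslog + sshd format; the thresholds (5 failures in
60 s) are an assumption you would tune for your own hosts."""
import re
from collections import defaultdict, deque
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>[\d.]+) port \d+"
)

# Constructed sample: one spraying source (10.0.0.5) that eventually gets in,
# one legitimate key login, one isolated failure.
SAMPLE_LOG = """\
Jan 10 12:00:01 bastion sshd[2101]: Failed password for root from 10.0.0.5 port 51000 ssh2
Jan 10 12:00:03 bastion sshd[2102]: Failed password for invalid user admin from 10.0.0.5 port 51001 ssh2
Jan 10 12:00:04 bastion sshd[2103]: Failed password for invalid user test from 10.0.0.5 port 51002 ssh2
Jan 10 12:00:05 bastion sshd[2104]: Accepted publickey for bob from 10.0.0.7 port 40222 ssh2: ED25519 SHA256:constructed
Jan 10 12:00:06 bastion sshd[2105]: Failed password for root from 10.0.0.5 port 51003 ssh2
Jan 10 12:00:08 bastion sshd[2106]: Failed password for root from 10.0.0.5 port 51004 ssh2
Jan 10 12:00:09 bastion sshd[2107]: Failed password for root from 192.168.1.9 port 60010 ssh2
Jan 10 12:00:11 bastion sshd[2108]: Accepted password for root from 10.0.0.5 port 51005 ssh2
"""


def parse_line(line: str, year: int = 2024):
    """Return a dict for Failed/Accepted sshd lines, None for anything else.
    syslog timestamps carry no year, so one is supplied (assumption)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    stamp = " ".join(m["ts"].split())           # collapse the "Jan  1" double space
    ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "method": m["method"],
            "user": m["user"], "ip": m["ip"]}


def detect_bruteforce(log_text: str, threshold: int = 5, window_s: int = 60) -> list:
    """Sliding-window count of password failures per source IP.
    Emits one 'bruteforce' finding when an IP reaches `threshold` failures
    inside `window_s` seconds, and a 'success_after_bruteforce' finding for
    every later Accepted line from that IP (the case a defender must act on)."""
    recent = defaultdict(deque)     # ip -> timestamps of failures inside the window
    users = defaultdict(set)        # ip -> usernames tried
    flagged, findings = set(), []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        ip = ev["ip"]
        if ev["result"] == "Failed" and ev["method"] == "password":
            q = recent[ip]
            q.append(ev["ts"])
            users[ip].add(ev["user"])
            while (ev["ts"] - q[0]).total_seconds() > window_s:
                q.popleft()
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                findings.append({"kind": "bruteforce", "ip": ip,
                                 "failures": len(q), "users": sorted(users[ip])})
        elif ev["result"] == "Accepted" and ip in flagged:
            findings.append({"kind": "success_after_bruteforce", "ip": ip,
                             "user": ev["user"], "method": ev["method"]})
    return findings


if __name__ == "__main__":
    for finding in detect_bruteforce(SAMPLE_LOG):
        print(finding)
```

On the sample, the detector raises one bruteforce finding for 10.0.0.5 (five failures across root/admin/test) and then a success_after_bruteforce finding when that IP's password login is accepted; the lone failure from 192.168.1.9 stays below threshold. Key-based logins never count as failures here, which is the point of pairing this with PasswordAuthentication no.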

Additional Resources

keeper

  • Run ssh-audit (3.0k ⭐) and analyze the output

  • Use puttygen saved_key.ppk -O private-openssh -o id_rsa to convert a Putty key file to a Linux SSH file.


PEM SSH Key Files

PEM SSH Key Files — Overview

Privacy-Enhanced Mail (PEM) is a text file format mostly used to store and share cryptographic keys, such as SSH keys.

We can use SSH keys to log in to a host without sending a password over the network. We generate a key pair: a private key that stays with us and a public key that we give to the target.

The target keeps our public key in its .ssh/authorized_keys file and uses it to send us an authentication challenge that only our private key can answer.

To generate a private key and a public key (OpenSSH format; add -m PEM to ssh-keygen to write the private key as PEM instead):

$ ssh-keygen -f mykey      # mykey (private) | mykey.pub (public)
$ ssh username@ip -i mykey # mykey must have permissions 600 or stricter

PEM SSH Key Files — RSA File Format

For an RSA private key (PKCS#1), the ASN.1 structure is:

RSAPrivateKey ::= SEQUENCE {
  version           Version,
  modulus           INTEGER,  -- n
  publicExponent    INTEGER,  -- e
  privateExponent   INTEGER,  -- d
  prime1            INTEGER,  -- p
  prime2            INTEGER,  -- q
  exponent1         INTEGER,  -- d mod (p-1)
  exponent2         INTEGER,  -- d mod (q-1)
  coefficient       INTEGER,  -- (inverse of q) mod p
  otherPrimeInfos   OtherPrimeInfos OPTIONAL
}

You can use CyberChef's "PEM to Hex" recipe to get the hexadecimal of a (possibly partial) SSH key. Let's read 308204be0201000...SNIP byte by byte:

Hex      Type         Value
0x30     Data type    SEQUENCE
0x82     Size length  Long form: the next 2 bytes hold the size
0x04be   Size value   1214 (bytes of content in the sequence)
0x02...  Data value   Everything below (the sequence contents)
0x02     Data type    INTEGER
0x01     Size length  Short form: 1 byte of content follows
0x00     Data value   0 (version)

Additional commands:

$ openssl asn1parse -in key
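To make the byte-by-byte reading above concrete, here is a small DER walker that does for RSAPrivateKey what openssl asn1parse does, then checks the CRT fields against their definitions in the ASN.1 comments. This is an added example, not code from the original notes or from CyberChef/OpenSSL: it builds a constructed toy key (p=61, q=53, far too small for real use, chosen so the output fits on a screen), wraps it in PEM, and parses it back; the helper names are my own.

```python
"""Walk a PKCS#1 RSAPrivateKey DER structure the way the table above does.

Added example, not from the original notes. Builds a constructed toy RSA key
(p=61, q=53: useless for real crypto, readable as output), wraps it in PEM,
parses it back and sanity-checks the CRT fields."""
import base64
import math
import re

FIELDS = ["version", "modulus", "publicExponent", "privateExponent",
          "prime1", "prime2", "exponent1", "exponent2", "coefficient"]


def der_len(data: bytes, pos: int):
    """Decode the DER length starting at data[pos].
    Returns (length, number_of_length_bytes). 0x00-0x7f is the short form;
    0x8N means the next N bytes hold the length (e.g. 82 04 be -> 1214)."""
    first = data[pos]
    if first < 0x80:
        return first, 1
    n = first & 0x7F
    if n == 0 or n > 4 or pos + 1 + n > len(data):
        raise ValueError("unsupported or truncated DER length")
    return int.from_bytes(data[pos + 1:pos + 1 + n], "big"), 1 + n


def der_tlv(data: bytes, pos: int):
    """Return (tag, content_bytes, position_after_element) for data[pos]."""
    tag = data[pos]
    length, used = der_len(data, pos + 1)
    start = pos + 1 + used
    if start + length > len(data):
        raise ValueError("truncated DER element")
    return tag, data[start:start + length], start + length


def parse_rsa_private_key(der: bytes) -> dict:
    """Parse the outer SEQUENCE and its nine INTEGERs into a dict."""
    tag, body, end = der_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE (0x30)")
    if end != len(der):
        raise ValueError("trailing bytes after RSAPrivateKey")
    key, pos = {}, 0
    for name in FIELDS:
        tag, content, pos = der_tlv(body, pos)
        if tag != 0x02:
            raise ValueError(f"{name}: expected INTEGER (0x02)")
        key[name] = int.from_bytes(content, "big", signed=True)  # DER INTEGER is two's complement
    return key


def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armour and base64-decode the body (what 'PEM to Hex' does)."""
    m = re.search(r"-----BEGIN RSA PRIVATE KEY-----(.*?)-----END RSA PRIVATE KEY-----", pem, re.S)
    if not m:
        raise ValueError("not a PKCS#1 'RSA PRIVATE KEY' PEM block")
    return base64.b64decode("".join(m.group(1).split()))


def check_rsa_consistency(k: dict) -> bool:
    """Sanity-check a parsed key: version 0, n = p*q, e*d = 1 mod lcm(p-1, q-1),
    and the three CRT helpers match the definitions in the ASN.1 comments."""
    p, q, e, d = k["prime1"], k["prime2"], k["publicExponent"], k["privateExponent"]
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return (k["version"] == 0
            and k["modulus"] == p * q
            and (e * d) % lam == 1
            and k["exponent1"] == d % (p - 1)
            and k["exponent2"] == d % (q - 1)
            and (k["coefficient"] * q) % p == 1)


# --- constructed toy key so the example runs offline ----------------------

def _der_len_enc(n: int) -> bytes:
    """Encode a DER length (short form below 0x80, long form otherwise)."""
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def _der_int(v: int) -> bytes:
    """Minimal DER INTEGER; the +8 keeps a leading 0x00 when the high bit is set."""
    content = v.to_bytes((v.bit_length() + 8) // 8, "big")
    return b"\x02" + _der_len_enc(len(content)) + content


def make_toy_pem(p: int = 61, q: int = 53, e: int = 17) -> str:
    """Build an RSAPrivateKey for tiny primes and wrap it as PEM."""
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    d = pow(e, -1, lam)
    ints = [0, p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p)]
    body = b"".join(_der_int(v) for v in ints)
    der = b"\x30" + _der_len_enc(len(body)) + body
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "-----BEGIN RSA PRIVATE KEY-----\n" + "\n".join(lines) + "\n-----END RSA PRIVATE KEY-----\n"


if __name__ == "__main__":
    pem = make_toy_pem()
    der = pem_to_der(pem)
    print("DER hex:", der.hex())          # toy key starts 30 1d 02 01 00: short-form lengths
    key = parse_rsa_private_key(der)
    for name in FIELDS:
        print(f"{name:16} = {key[name]}")
    print("consistent:", check_rsa_consistency(key))
```

A real 2048-bit key uses the long-form length from the table (0x82 followed by two size bytes) for the SEQUENCE and for the large INTEGERs; der_len handles both forms, and the consistency check is the quickest way to tell a recovered or repaired key file from a corrupted one before trying it against a host.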

Related: Bro-key-n, Backup - frank, Corrupted PEM, 1506, X-secrets.


Additional Notes

SSH Forwarding

ssh_agent_hijacking

If SSH agent forwarding is enabled (/etc/ssh/sshd_config, $HOME/.ssh/config, etc.), then when we SSH to a host using -A, the remote host creates an agent socket under /tmp and sets the SSH_AUTH_SOCK variable to point at it.

There are multiple ways to exploit this:

  • As root, we can connect to anyone else's forwarded SSH agent session.
  • As a user, we can connect to any socket we can read; for instance, if we compromised a user who has a running SSH session as admin.
$ export SSH_AUTH_SOCK=/path/to/agent.xxx; ssh username@0
<no password == it worked>
$ cat /proc/$$/environ | tr '\0' '\n' | grep SSH_AUTH_SOCK
$ cat /proc/*/environ 2> /dev/null | tr '\0' '\n' | grep SSH_AUTH_SOCK

➡️ Article: SSH Agent Hijacking.

SSH Tunneling And Port Forwarding

Please refer to this.


👻 To-do 👻

Stuff that I found but have never read or used yet.

  • -R "xxx"
  • ssh -X with X11Forwarding enabled
  • sshpass -p 'XXX' ssh xxx@IP
  • sudo systemctl restart sshd
  • ssh-copy-id username@server: add to remote server our public key
  • ssh domain\\username@target
  • Look for problems in configurations
  • /etc/ssh/sshd_config
    • PermitRootLogin no
    • PubkeyAuthentication yes
    • PasswordAuthentication no
    • Hardening
    • forwarding (subsystem filetransfer sftp match group xxx but we must add again no forward)
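An audit script tying together the sshd_config items in this to-do list (PermitRootLogin, PubkeyAuthentication, PasswordAuthentication) and the forwarding options that the SSH agent hijacking section above depends on. This is an added example, not from the original notes or from OpenSSH: the weak and hardened configs are constructed samples, and the default values are those documented in sshd_config(5) for current OpenSSH (an assumption; verify against your version).

```python
"""Audit an sshd_config against the hardening items in these notes.

Added example, not from the original notes. The two configs below are
constructed samples; DEFAULTS are the sshd_config(5) defaults as documented
for current OpenSSH (assumption: 8.x/9.x)."""

# Effective value when a keyword is absent from the file.
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
    "allowagentforwarding": "yes",
    "allowtcpforwarding": "yes",
    "x11forwarding": "no",
}

# Hardened values: the to-do list items plus the forwarding options
# whose "yes" makes agent hijacking and pivoting possible.
WANTED = {
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "pubkeyauthentication": "yes",
    "allowagentforwarding": "no",
    "allowtcpforwarding": "no",
    "x11forwarding": "no",
}

WEAK_CONFIG = """\
# constructed sample: default-ish config with forwarding left on
Port 22
PermitRootLogin yes
#PasswordAuthentication no      <- commented out, so the default (yes) applies
PubkeyAuthentication yes
AllowAgentForwarding yes
Subsystem sftp internal-sftp
Match Group sftponly
    ChrootDirectory /srv/sftp
    ForceCommand internal-sftp
    AllowTcpForwarding yes
"""

HARDENED_CONFIG = """\
# constructed sample: the same host with the notes' hardening applied,
# and forwarding switched off again inside the sftp Match block
Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AllowAgentForwarding no
AllowTcpForwarding no
X11Forwarding no
Subsystem sftp internal-sftp
Match Group sftponly
    ChrootDirectory /srv/sftp
    ForceCommand internal-sftp
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
"""


def parse_sshd_config(text: str):
    """Return (global_settings, [(match_criteria, settings), ...]).
    Keywords are case-insensitive; sshd uses the FIRST occurrence of a
    keyword, so later duplicates are ignored; a Match block extends to the
    next Match line or end of file. Values are lower-cased for comparison."""
    global_cfg, blocks, current = {}, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()              # drop comments and blanks
        if not line:
            continue
        parts = line.replace("=", " ", 1).split(None, 1)  # "Key value" or "Key=value"
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            current = {}
            blocks.append((value, current))
            continue
        target = global_cfg if current is None else current
        target.setdefault(key, value.lower())             # first occurrence wins
    return global_cfg, blocks


def audit(text: str) -> list:
    """List (scope, keyword, effective_value, wanted_value) mismatches.
    Global scope is judged on its effective value (defaults included);
    Match blocks are judged on what they explicitly set, since anything
    unset there is inherited from the global scope."""
    global_cfg, blocks = parse_sshd_config(text)
    findings = []
    for key, want in WANTED.items():
        have = global_cfg.get(key, DEFAULTS[key])
        if have != want:
            findings.append(("global", key, have, want))
    for criteria, cfg in blocks:
        for key, want in WANTED.items():
            if key in cfg and cfg[key] != want:
                findings.append((f"Match {criteria}", key, cfg[key], want))
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or "OK")
```

Two details matter when reading real files: a commented-out line contributes nothing, so the documented default applies (PasswordAuthentication stays on in the weak sample), and a Match block can silently re-enable forwarding for one group, which is why the hardened sample repeats the "no" lines inside it.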