SSH, or the secure shell, is a way of controlling a computer remotely from a command-line interface. While the information exchanged in the SSH session is encrypted, it's easy to spy on an SSH session if you have access to the computer that's being logged in to. Using a tool called SSHPry, we can spy on and inject commands into the SSH sessions of any other user logged in to on the same machine.
For remote access needs like updating, running command-line tools, or other sorts of administrative maintenance, SSH has been the go-to for hackers and IT professionals alike. While SSH is an excellent way of accessing a device remotely over the network, users should assume no such protection when logging into a shared computer.
[embedded content]
SSH Isn't So Secure on a Shared Machine
While SSH is secure when used across a network, the same protection does not apply if you're logged into the same machine that an attacker has access to. Everything you type is visible to anyone who can access the machine either locally or remotely, making it easy for an attacker to either silently observe everything you do or inject their own commands.
The tool for spying on SSH sessions is called SSHPry2.0, and it first appeared during a CTF in which two players were both logged into the same Ubuntu computer via SSH. Each player was trying to kick the other one out and would identify the SSH process number of the other player and kick them out by killing process ID. While this worked, you couldn't see what your opponent is doing, and it gave you a pretty high chance of accidentally killing your own process and kicking yourself out.
..
Support the originator by clicking the read the rest link below.
