This is pentesting tools which allows an auditor to mitm attack on SSH connections. Features are:-
- Support SFTP MITM’ing.
- Add port forwarding support.
- Remove dependency on root privileges.
- Create wrapper script that detects when user is trying to use key authentication only, and de-spoof them automatically
A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended ssh server; all plaintext passwords and sessions are logged to disk. Of course, the victim’s SSH client will complain that the server’s key has changed.