Features
- handles as many connections as you want simultaneously (configurable, default is 10)
- uses log4j for flexible logging
- speaks SSH2, which all ssh-mitm-attackers I have seen to date don't
- is easy to extend, e.g. for taking over a session, injecting commands, statistical purposes, new ciphers,...
Much of this is owed to the great J2SSH API, which is available under the LGPL.
jmitm2 has already successfully used for training by ASAP-COM GmbH.
Architecture
Basically, it is constructed as follows:
- it extends most server classes to contain a reference to a new object:
- that object (called MitmGlue) keeps track of each session, looping it through to the remote target host
- for authentication, a new MitmFakeAuthenticationProvider is created, that passes username and password to the MitmGlue object, which can log them and use them for authentication at the target host
Documentation
- You can browse the javadoc online. All classes starting with "Mitm" are part of jmitm2.
- You can download a copy of the presentation of jmitm2 held at Tübingen university. That presentation was held in german.
- The Studienarbeit (in german) is also available.
There is a brief description of the usage of jmitm2 available.
You can download a binary package of jmitm2 that should contain everything neccessary to run the program, as well as a copy of the source of J2SSH 0.1.0, extended by the MitmFakeAuthenticationProvider.java (in the platforms/ directory) and the com.sshtools.jmitm2 Java package which contains all other jmitm2 classes as source. I developed and built this using eclipse, so as far as compiling is concerned, you'll certainly need log4j, maybe ant or eclipse, and a bit of twiddling. Contact me if you have problems.
The classes using code from J2SSH are of course LGPL'ed, and so is the jmitm2 code itself. If you have any questions, contact me.
source code
239 K
jmitm2-0.1.0-source.tar.gz.asc
signature
234
binary package
1.5 M
signature
234
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
