Comments (10)
NHAS
commented on May 30, 2024
Hi there, that is super frustrating
Can you give me the version of the client & server?
Also I dont suppose you can give me your server log as well
from reverse_ssh.
NHAS
commented on May 30, 2024
Just to make sure Im understanding your setup properly:
AWS is running Kali and the RSSH server listening on 4505.
You connect to your AWS hosted RSSH server by going ssh <server ip> -p 4505 and it doesnt work?
(Dumb question time, have you made sure that the AWS security group allows the 4505/tcp port?, and have you allowed it on the host machine firewall?)
from reverse_ssh.
h3xplts4
commented on May 30, 2024
I am running the latest version for both client and server. Kali is fully updated on both machines and I compiled with go1.20.
On the server side after running
./server 0.0.0.0:4505 --insecure on the server and trying the help command from localhost or my local machine I get the same output:
2023/03/07 16:50:28 Loading files from /home/kali/Documents/reverse_ssh/bin
2023/03/07 16:50:28 Version: v1.0.15-1-gdce5562
2023/03/07 16:50:28 Listening on 0.0.0.0:4505
2023/03/07 16:50:28 Loading private key from: /home/kali/Documents/reverse_ssh/bin/id_ed25519
2023/03/07 16:50:28 Server key fingerprint: 04ab9414defe387815a29ebdc62851dc27d692bd7b1c168f3de59fcb4f7bff1b
2023/03/07 16:50:28 Loading authorized keys from: /home/kali/Documents/reverse_ssh/bin/authorized_keys
2023/03/07 16:50:28 Was unable to read webhooks configuration file
2023/03/07 16:50:54 [127.0.0.1:57980] INFO sshd.go:360 acceptConn() : New controllable connection with id 98227cab444bdb82c06d751cce8a20f93ad23d77
2023/03/07 16:50:54 [127.0.0.1:57980] INFO global.go:113 RegisterChannelCallbacks() : Handling channel: session
2023/03/07 16:50:54 [127.0.0.1:57980] WARNING global.go:120 RegisterChannelCallbacks() : Sent an invalid channel type "session"
2023/03/07 16:50:54 [127.0.0.1:57980] INFO sshd.go:347 func3() : SSH client disconnected
2023/03/07 16:50:59 [127.0.0.1:57980] INFO sshd.go:295 func1() : Failed to send keepalive, assuming client has disconnected
I get a similar output if an RSSH client successfully connects and I try to get direct access to the client
My AWS security policies:
INBOUND:
All ICMP 0.0.0.0/0
22 TCP 0.0.0.0/0
4500 - 4599 TCP 0.0.0.0/0
45555 TCP 0.0.0.0/0
80 TCP 0.0.0.0/0
OUTBOUND:
0 - 65535 TCP ::/0
0 - 65535 TCP 0.0.0.0/0
All ICMP 0.0.0.0/0
On my local kali machine ufw status:
To Action From
-- ------ ----
80/tcp ALLOW IN Anywhere
80 ALLOW IN Anywhere
4500:4599/tcp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
80/tcp (v6) ALLOW IN Anywhere (v6)
80 (v6) ALLOW IN Anywhere (v6)
4500:4599/tcp (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
4500:4599/tcp ALLOW OUT Anywhere
4500:4599/tcp (v6) ALLOW OUT Anywhere (v6)
Additionally, I checked the listening ports on the RSSH server
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::4505 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp6 0 0 fe80::1040:b9ff:fea:546 :::*
I can't figure out why I am getting this error. But the fact that it works on my local kali machine makes me think it's some sort of AWS default configuration that blocks these types of requests
from reverse_ssh.
NHAS
commented on May 30, 2024
Thanks for those additional details.
What I think has happened is you've put your ssh public key into authorized_controllee_keys instead of into authorised_keys.
As the handlers for the rssh client are different to the handlers for when you connect with your key to control the server.
Can you give me your authorized_controllee_keys and authorised_keys?
from reverse_ssh.
h3xplts4
commented on May 30, 2024
Here they are
┌──(kali㉿kali)-[~/Documents/reverse_ssh/bin]
└─$ cat authorized_controllee_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEs78cvpQwS6XOzzI99DSeHXE3cDi3SAtIydkjYb+u5M
┌──(kali㉿kali)-[~/Documents/reverse_ssh/bin]
└─$ cat authorized_keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILruUsppX9PbIQZ09U5ssttkj2AR+wrheN7cVjwEnup+ kali2
from reverse_ssh.
h3xplts4
commented on May 30, 2024
Sorry, didn't mean to close this. I will try to debug with delve and post my results
from reverse_ssh.
NHAS
commented on May 30, 2024
Haha that's okay, can you try it without the insecure flag? It maybe a bug in that functionality.
Also just make sure that those keys are correct. E.g that the authorized_keys public key is your laptop/desktop/home computer.
from reverse_ssh.
h3xplts4
commented on May 30, 2024
Yup! The --insecure flag was the problem. It works without it.
Thanks!
from reverse_ssh.
NHAS
commented on May 30, 2024
Hmmmmmmmmm it shouldn't have made any difference in this case. But it'll give it a test on my machines and make sure.
Thanks!
Just gonna reopen this as a potential bug for now
from reverse_ssh.
NHAS
commented on May 30, 2024
I take it back I cannot replicate. Begone issue
from reverse_ssh.
Related Issues (20)
- shellcode generation HOT 1
- panic: runtime error: invalid memory address or nil pointer dereference HOT 14
- How can I use tls and wss HOT 3
- Bug in using python script on windows client HOT 2
- Client execution error under amd64 mac computer (upx issue) HOT 6
- Webserver disconnects when downloading more than 10MB client HOT 4
- Remote ssh forwarding fails [ssh: rejected: administratively prohibited] HOT 10
- The client supports opening an http proxy server HOT 4
- Dynamic Reverse Forwarding from Plain SSH Client HOT 1
- remark HOT 5
- refer Windows DLL ,is it support linux so generate?
- Client can also bind and accept connections HOT 7
- "watch" Add all online and offline history HOT 4
- i wanna know where to generate the figerprint HOT 6
- log repetition HOT 4
- Polling Transport HOT 2
- HTTP_PROXY parsing should be more robust HOT 3
- feat: Automatic Detection of Transport Port
- Add inetd mode to client HOT 12
- Winpty allocation fails when callbacks come as NT AUTHORITY\SYSTEM HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reverse_ssh.