Invalid packet blocking #161
Replies: 2 comments 1 reply
-
Without further information about the used client and server it's hard to help you with your problem. The error comes from paramiko, which is not able to handle the packets from your ssh client: https://github.com/paramiko/paramiko/blob/94d553ffb11837013035c1a62c4af83c801c6f85/paramiko/packet.py#L487 There are some ssh implementations which are not fully compatible and SSH-MITM needs some workarounds for them. Some of them are implemented in https://github.com/ssh-mitm/ssh-mitm/blob/master/sshmitm/workarounds/transport.py The ssh client of dropbear is such an example which needs a workaround to be compatible with paramiko. If you can give further information and if the ssh client and server are available I can try to implement a workaround for you. Please provide following information:
|
Beta Was this translation helpful? Give feedback.
-
Thanks for looking into this! I'm running the latest version (4.1.1) of SSH-MITM available on Homebrew. The client is UniFi's Network Server which makes outbound SSH connections to real devices to adopt/manage them. The server is a hardware device (a Switch Flex Mini in this case), but luckily the error occurs already when trying to establish a connection. Here's how to reproduce the error:
#!/usr/bin/env dart
import 'dart:async';
import 'dart:io';
void main() {
const int port = 10001;
RawDatagramSocket.bind(InternetAddress.anyIPv4, port)
.then((RawDatagramSocket udpSocket) {
udpSocket.broadcastEnabled = true;
List<int> payload = [
2,
6,
0,
122,
2,
0,
10,
208,
33,
249,
231,
211,
113,
192, // TODO: Change these
168, // to your real
1, // IP address
178, // (e.g., 192.168.1.178)
1,
0,
6,
208,
33,
249,
231,
211,
113,
10,
0,
4,
0,
0,
170,
41,
11,
0,
8,
85,
83,
87,
95,
77,
73,
78,
73,
12,
0,
6,
85,
83,
77,
73,
78,
73,
3,
0,
9,
50,
46,
48,
46,
48,
46,
55,
48,
52,
22,
0,
9,
50,
46,
48,
46,
48,
46,
55,
48,
52,
21,
0,
6,
85,
83,
77,
73,
78,
73,
23,
0,
1,
1,
24,
0,
1,
0,
25,
0,
1,
1,
26,
0,
1,
1,
19,
0,
6,
208,
33,
249,
231,
211,
113,
18,
0,
4,
0,
0,
6,
134,
27,
0,
5,
49,
46,
55,
46,
51
];
Timer.periodic(const Duration(seconds: 1), (timer) {
udpSocket.send(payload, InternetAddress('255.255.255.255'), port);
});
});
}
|
Beta Was this translation helpful? Give feedback.
-
While trying to debug a SSH session between two black box systems I'm seeing the following error:
I am able to "trick" the client to connect to my host and they don't mind random host keys, but I'm still unable to capture the unencrypted payloads:
Beta Was this translation helpful? Give feedback.
All reactions