SSH based reverse shell
Small bug fix
Bug Fix:
external_address
lacks a port, bash/sh template generated via creating a link may result in a blank url pathThis release adds a number of fun new features. Most importantly:
Features:
https://
and http://
, more details on 146
link
with --sni
.autocomplete
command, tracked by issue 156
authorized_controllee_keys
file now supports RSSH custom tag owners
to define who controls said clientlink
command now has optional owners
flag to define which user/s should be shown the client in their listaccess
server console command can share/hide clientsdata-directory
/keys
/$USERNAME
for user keys (instead of administrative keys)Security Fixes:
Public key for this release:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIkk/jazhGONHIRcJ/WXX+lDcWZYDOs6wLNNArqgrulY
Fixed regression in remote forwarding.
Bug Fix:
ssh
client when requestedThe public key is the same as the last release
This minor release fixes a regression in the url parsing introduced in 2.4.0
This also resolves the security vulnerabilities discovered in the SSH library
Bug Fix:
Public Key for this release:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyg/5L/9I9AtPz7zyl3r0YnjD4nClDx3EYhBLHSiqGx
A tiny one line change that removes testing conditions for winpty.
2.4.0 will always use winpty rather than conpty, this release has the same public key as the previous release.
This release closes off a few small bugs, and adds some qol improvements. Most notably rssh now supports connecting via stdio (stdin, stdout).
Features:
tls://your.server.address
, it will now add :443
(https://github.com/NHAS/reverse_ssh/issues/148)stdio
, which attaches the network io to stdin and stdout respectively (thanks to https://github.com/NHAS/reverse_ssh/issues/149, has a great description about how you'd use this)Bug Fixes:
CONNECT
proxy it will no longer look for specific wording and just accept 200
as it can proxyPublic key for this release:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHmuYTF9dbre8hkIxvFt4eRLwmz/u8fjJc/IVUzNd+zg
Tiny release that fixes a bug in the new watch
command log functionality.
Bug Fix:
exec
or server terminal connection). As such log lines would be duplicated. This has now been moved to only happen once.A release to close off some open issues and add some new features.
Features:
ssh
client. Allowing you to do ssh -R portnumber reverse.ssh.server
from any SSH compliant server in order to live off the landhttp_proxy
and https_proxy
environment variables if they are presentwatch
command now will store history of all connection events (clients connecting and disconnecting) in a file
watch.logthe command also now supports
-aand
-l` to show "all" or a "limited" number of lines from that fileBug Fixes:
link
command would occasionally fail with a bizarre caching issue, now the cache is cleared if the server encounters thisPublic key for this release:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFhX5pKRRvClFVn8IZeWUXvBqnIruMaoh7LI6bkPOb9s
A small release with a bunch of little bug fixes (and one new feature)
Bug Fixes:
ChannelOpenDirectMsg
being set in the wrong order, leading to the ssh client rejecting incoming remote connections.py
to the end of link
generated links) now works properly on non-memfd platforms like windows and openbsd (thanks #134)Features:
link
webserver is now styled to look like an nginx 404
pagePublic key for this release:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII9EULf3COVE2o3vcDmynDFBXGXZ0EyEx/d/bTTTMrou
Small bug fix that (hopefully) stops the RSSH server multiplexer from occasionally getting a nil connection and panicking.
Bug Fix:
determineProcotol
now follows golang standard and returns err
rather than just connection to make it easier to handle errors