Open hmaier1996 opened 9 months ago
Thanks for the question. I've read the paper and their attack is different from SSH-MITM's. There are some similarities in handling MSG_KEXINIT packets because SSH-MITM needs to drop them, but the use cases are different.
Target server and fingerprint:
Intercepting and modification of Shell, SFTP and other features
Ignoring specific packets during kex init protocol part
SSH-MITM modifies the kex init part, because there are some clients which have some incompatibilities with Paramiko during interception. Paramiko is a client and server library and not designed to intercept ssh connections and handling the intercepted packets. SSH-MITM tries to mimic the destination server as much as possible which breaks some functionality in Paramiko..
In such cases not only the mentioned packet is ignored. The possible KEX algorithms also need to be modified to avoid disconnects from some ssh client libraries.
As you can see, there are some similarities with the Terrapin Attack, but the attack vector is different.
The Terrapin Attack is a new vulnerability and attack vector, as one of the major differences is the weaknesses in the underlying cryptography from the mentioned algorithms in their paper.
I have reopened this issue, because the Terrapin Attack might be relevant for conducting mitm attacks.
With vulnerabilities like CVE-2020-14145 it's possible to detect clients which have already the destinations fingerprint stored. Such clients will raise a mitm warning when intercepted by SSH-MITM.
In the past, the only option was to silently drop the connection before the client raises the warniing. To avoid further warnings, the clients connection could be proxied to the destination server without intercepting ssh.
Terrapin Attack allows a mitm attacks to intercept and manipulate those connections, if the client does not use "kex-strict".
Perhaps it's interesting to support Terrapin Attack to modify such connections for further audits of ssh connections.
Important! If you are a system administrator you should check if your distribution has released a patched version.
I have created a pull request for paramikos type hints (https://github.com/python/typeshed/pull/11218). This pull request is necessary because SSH-MITM changes 2 methods in paramikos Transport class and without that changes linting will fail.
The next release will include compatibility with paramiko >=3.4 and supports the Terrapin Attack fixes.
I am reaching out to explore a potential similarity I noticed in packet handling between SSH-MITM and the Terrapin Attack, as highlighted in the discussion of Pull Request #163 on the SSH-MITM repository.
It appears that both methods involve discarding certain packets during the SSH key exchange process.
In SSH-MITM, packets are discarded during kex-init:
https://github.com/ssh-mitm/ssh-mitm/blob/4fc3ef418847c35d17d0c427e2701b33a03c323c/sshmitm/workarounds/transport.py#L178-L188
According to the Terrapin Attack website, packet discarding is a crucial aspect of their methodology.
The packet handling techniques used in SSH-MITM, as seen in the GitHub blame for sshmitm/workarounds/transport.py, were implemented 1-2 years ago. This timeline suggests a noteworthy context: both SSH-MITM and the Terrapin Attack utilize similar methods for manipulating SSH packets. This parallel raises intriguing questions about the Terrapin Attack's exploitability and security implications. The pre-existing nature of these techniques in SSH-MITM might warrant a reevaluation of the Terrapin Attack's impact on SSH security.
I would like to respectfully request the SSH-MITM developers to conduct an evaluation of the Terrapin Attack. This evaluation would greatly benefit the cybersecurity community by clarifying the differences and similarities between SSH-MITM's techniques and those used in the Terrapin Attack. Understanding these nuances is crucial for assessing the relevance and impact of such attacks on both current and future Man-in-the-Middle (MitM) vulnerabilities.