[Last Call] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1285
  • Last Modified:

hijacking an SSH session

Hello. This is an educational question not for malicious purposes.

For my assignment I was asked to discuss a method to hijack an SSH session or describe whether this is possible or not.

from my google I found some saying it wasn't possible since SSH detects alterations of TCP data which breaks the connection.

Other googles ended up saying that it is possible using dsniff or scripts.

So I'm not sure where to stand on this.
Any feedback?
1 Solution

I dont think many will answer this question as I dont beleive the rules of the site permit answers to questions like this.  Surfice to say though that nothing is air tight and yes certain tools will achieve what you have mentioned but to my knowledge only on specific verison of the protocol with access to the network devices managing the traffic.

badMotoFingaAuthor Commented:
yeah didnt think so ... i dont see why not .. i mean ... this is for a university course ... its essential to understand the hackers point of view when it comes to network security ... ah well
badMotoFingaAuthor Commented:
how bout from a general point of view ... all i need is a basic theoretical understanding
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

theoretically it can be hijacked with brute-force methods
the weakness in sha1 and md5 found recently make this easyer, but practially it's not possible with current hard- and software

In theory theory and practice are identical, in practice they are not.

If you search the web, then search for last vulnerabilities in openssh, they'll give you a glue where problems can arise.
Given the rules of the site, I won't steer you too much, but.... are you looking only at the current SSHv2 protocol or also at the older and no-longer-considered-safe SSHv1 protocol? Also check out isc.org's chronical of the SSH password guessing attacks. Oh yeah, and all software has bugs.
Ask your teacher, if it is an assignment. I doubt a good teacher would assign this. OMG.
>hijack an SSH session or describe whether this is possible or not.

Short answer is yes it is.

visit this link, it is SAN's, a very well respected security group, this link has whitepapers (vetted by SANs) which should help demistify encryption and vpn technologoies including ssh.


in terms of hijacking, this is more difficult but possible, most likely an attacker would steal the session rather than hijack it. Obviously, there are many ways to skin that cat but the SAN's reading room should provide enough material to cover what you need for your course.

Note, it will not teach you to hack either.
I would have to say yes it is.

Esp when you hijact the whole computer first and use software to remote control the computer.
Oh DUH! it just hit me,

The answer is YES becase, IF you get up and walk away from the computer for a short bit...someone else can use your session.

i recently read a survay stating that most people don't "log out" of sites like ebay when they get up for a short bit.

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now