Full Disclosure mailing list archives

SSH-Snake: Automated SSH-Based Network Traversal


From: Joshua Rogers <megamansec () gmail com>
Date: Sun, 7 Jan 2024 02:00:07 +0700

SSH-Snake is a powerful tool designed to perform automatic network
traversal using SSH private keys discovered on systems, with the objective
of creating a comprehensive map of a network and its dependencies,
identifying to what extent a network can be compromised using SSH and SSH
private keys starting from a particular system.

SSH-Snake can automatically reveal the relationship between systems which
are connected via SSH, which would normally take a tremendous amount of
time and effort to perform manually.

In other words, SSH-Snake performs the following tasks automatically and
recursively:

   1. On the current system, find any SSH private keys,
   2. On the current system, find any hosts or destinations (user@host)
   where the private keys may be accepted,
   3. Attempt to SSH into all of the destinations using all of the private
   keys discovered,
   4. If a destination is successfully connected to, repeat steps #1 - #4
   on the connected-to system.

It's completely self-replicating and self-propagating -- and completely
fileless. In many ways, SSH-Snake is actually a worm: It replicates itself
and spreads itself from one system to another as far as it can.

Instead of manually jumping between systems with SSH keys like it's a Super
Mario game, let SSH-Snake do the work for you.

The script is attached. The documentation is available at
https://github.com/MegaManSec/SSH-Snake .

Attachment: Snake.sh

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
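
From the defender's side, the recursion described in steps 1 to 4 shows up in sshd logs as a relay of key-based logins, where each host that accepts a login becomes the source of the next one shortly afterwards. The following detection sketch is an added example, not part of the original post or of SSH-Snake; it assumes centrally collected sshd logs, an asset inventory mapping addresses to hostnames, and a 60-second window, and its log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: sshd "Accepted publickey" lines as a central syslog
# collector would hold them. Hosts, users, addresses and keys are made up.
SAMPLE_LOG = """\
Jan  7 02:00:11 web01 sshd[811]: Accepted publickey for deploy from 10.0.0.5 port 50122 ssh2: ED25519 SHA256:CONSTRUCTED1
Jan  7 02:00:14 db01 sshd[902]: Accepted publickey for backup from 10.0.0.11 port 40310 ssh2: RSA SHA256:CONSTRUCTED2
Jan  7 02:00:19 build01 sshd[377]: Accepted publickey for ci from 10.0.0.12 port 38844 ssh2: ED25519 SHA256:CONSTRUCTED3
Jan  7 09:30:02 db01 sshd[950]: Accepted publickey for dba from 10.0.0.40 port 51900 ssh2: ED25519 SHA256:CONSTRUCTED4
"""
# Assumed asset inventory: source address -> hostname as it appears in logs.
INVENTORY = {"10.0.0.11": "web01", "10.0.0.12": "db01", "10.0.0.13": "build01"}

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) sshd\[\d+\]: "
                  r"Accepted publickey for \S+ from (\S+) port \d+")

def find_login_chains(log_text, inventory, window=timedelta(seconds=60),
                      min_hosts=3, year=2024):
    """Return relay paths: a host accepts a key login and, within `window`,
    is itself the source of a key login to another host."""
    events = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m:  # syslog timestamps carry no year, so one is supplied
            when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events.append((when, m.group(2), m.group(3)))
    arrived = {}  # host -> (time of latest inbound login, path leading to it)
    chains = []
    for when, dst, src_ip in sorted(events):
        src = inventory.get(src_ip, src_ip)
        prev = arrived.get(src)
        if prev and when - prev[0] <= window and dst not in prev[1]:
            path = prev[1] + [dst]       # extend the relay by one hop
            if prev[1] in chains:
                chains.remove(prev[1])   # keep only the longest form
        else:
            path = [src, dst]            # unrelated login starts a new path
        arrived[dst] = (when, path)
        if len(path) >= min_hosts:
            chains.append(path)
    return chains

if __name__ == "__main__":
    for chain in find_login_chains(SAMPLE_LOG, INVENTORY):
        print("possible automated SSH traversal:", " -> ".join(chain))
```

The isolated 09:30 login in the sample is not reported because nothing chains to it inside the window; tune `window` and `min_hosts` against legitimate jump-host and automation traffic before alerting on the output.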