Charting the SSH Multiverse
HD Moore
BSidesSF 2025 — Here Be Dragons · Day 1 · Main
SSH was once considered a solved problem, but since 2023 it has become a hotbed of novel vulnerabilities, backdoors, and implementation quirks spanning dozens of incompatible forks and third-party libraries. HD Moore, co-founder and CEO of RunZero and the creator of Metasploit, presented a comprehensive survey of the SSH ecosystem's fragmentation — and unveiled Shambl, an open-source SSH enumeration tool designed to systematically find the bugs hiding in non-standard implementations. ---
AI review
HD Moore came back to BSidesSF after fourteen years and delivered a talk that reminded the room why the name still means something. The Shambl tool, the Erlang blind exec CVE, the Microsoft CRLF timing-safety regression, and the mass public-key enumeration technique against GitHub's 117 million key database are all original, specific, and immediately useful. This is the kind of talk that should close a conference.