Shaking Out Shells with SSHamble

Name: Shaking Out Shells with SSHamble
Description: SSH has long been treated as a solved problem — a cryptographically sound protocol that, once properly deployed, provides a trustworthy remote administration channel. That assumption has eroded sharpl

HD Moore

DEF CON 33 · Day 2 · Main Stage

SSH has long been treated as a solved problem — a cryptographically sound protocol that, once properly deployed, provides a trustworthy remote administration channel. That assumption has eroded sharpl

AI review

HD Moore returns with an expanded SSHamble research set covering the past two years of SSH vulnerabilities — Terrapin, XZ backdoor, regreSSHion, MOVEit SSH authentication bypass, Qualys QoS OOM-to-MITM, Go SSH library auth bypass — plus new zero-days in long-tail proprietary SSH implementations, updated internet-wide exposure statistics, and the public release of improved SSHamble tooling.

Watch on YouTube