0×80

SSHD hide version patch

by Qnix on Feb.25, 2008, under General, Projects, ssh

Hello guys .. as you know that someone could know the version of the sshd and many other information by using nmap or any other tools …

for example

root::qnix[0]@~/Codeing/Projects/SSHDH/openssh-4.7p1 $ nmap -q -sV -p 22 localhost
Starting Nmap 4.53 ( http://insecure.org ) at 2008-02-25 15:35 AST
Interesting ports on localhost (127.0.0.1):
PORT   STATE SERVICE VERSION
22/tcp open  ssh      (protocol 2.0 debian-4.7p1)

as you can see these info sometimes might be dangerous... and might be used in a mass hacking if a vulnerability found on this version which is 4.7p1 and it runs under Debian.

so i wrote this simple patch that hides these info

--- sshd.c.orig    2007-06-05 11:22:32.000000000 +0300
+++ sshd.c    2008-02-25 15:16:10.000000000 +0300
@@ -422,2 +422,2 @@
-    snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", major, minor, SSH_VERSION);
+    snprintf(buf, sizeof buf, "SSH-%d.%d\n", major, minor);

or download it from here

http://www.0×80.org/code/app/sshdh/sshdh.patch

to patch it just go to the the folder where the openssh sourecode is and type

root::qnix[0]@~/Codeing/Projects/SSHDH/openssh-4.7p1 $ patch < sshdh.patch
patching file sshd.c
Hunk #1 succeeded at 422 with fuzz 1.

Thats it now configure it and make it then install it and then try to telnet to it and you’ll see something like this

root::qnix[0]@~ $ telnet localhost 22
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-HIDDEN

Enjoy!!

Related Posts
Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Webnews.de
  • Blogosphere News
  • Live
  • MyShare
  • Slashdot
  • Technorati
  • Yigg

3 Comments for this entry

1 Trackback or Pingback for this entry

Leave a Reply

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Archives

All entries, chronologically...