Page 1 of 1
steal SSH credentials from OpenSSH client on Linux platform
Posted: Sat 08 Jul 2017, 17:44
by belham2
http://www.securityweek.com/cia-tools-s ... -wikileaks
"....
The other tool, Gyrfalcon 2.0, described in a document dated November 2013, is designed to steal SSH credentials from the OpenSSH client on Linux platforms.
Gyrfalcon is a library loaded into the OpenSSH client process address space. It collects OpenSSH session traffic, including usernames and passwords, compresses and encrypts the data, and stores it in a file. A third-party application is required to exfiltrate the file......"
Posted: Sat 08 Jul 2017, 17:58
by musher0
Hi belham2.
The CIA would be interested in stealing your SSH credentials because... ???
Tell me:
why would the CIA be interested in Joe Bloe Belham2 or Joe Bloe Musher0 ?
What do they do with these credentials, anyway?
BFN.
Posted: Sat 08 Jul 2017, 19:56
by rockedge
if the NSA were in my machines I would be upset they spent the tax payers money on accessing some extremely boring stuff with no value for now or the future.
Posted: Sat 08 Jul 2017, 23:04
by musher0
Hi rockedge.
Ask Agent Jones or Agent Smith to leave their business cards next time
they come snooping?
Meaning:
don't throw a fit, with that business card, you can get even.
Joke aside, I wonder how much of that is modern folklore. People love
spooky stories and spy stories, y'know.
~~~~~~~~~~~~~
In the case of a kernel module being added, there's a simple way to
check your system's integrity, by listing the modules right after install and
checking that the list is the same every once and a while.
Same for the watchamacallit-falcon added library for OpenSSH: if it wasn't
there at time of install and all of sudden it is.
If something's fishy, we re-install. It's as easy as 1-2-3 on Puppy Linux
-- PROVIDED YOU MAKE GOOD AND REGULAR BACK-UPS, FOLKS.
~~~~~~~~~~~~
Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum...
BFN.
Posted: Tue 18 Jul 2017, 00:41
by 8Geee
If one is playing at a kasino on-line, almost all kasinos use SSH to TX/RX game info.
Its not openssl as one might think.
Regards
8Geee
Posted: Tue 18 Jul 2017, 15:09
by Burn_IT
Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum... Wink
A werepuppy!!???