What's Changed

Changed

• easier plugin development
• SSH-MITM uses "appimage" module to start the AppImage
• merged SOCKS4 and SOCKS5 module in a single module
• prepend entry points with "sshmitm" to avoid name conflicts
• updated vulnerability db

New Contributors

• @gbyx3 made their first contribution in #164
• @nsauzede made their first contribution in #169
• @branchvincent made their first contribution in #170

Full Changelog: 4.1.1...5.0.0

What's Changed

Fixed

• fixed python source distribution - reported by p-linnane

Full Changelog: 4.1.0...4.1.1

What's Changed

Fixed

• fixed AppImage build process

Changed

• better output for Flatpak
• allow mkdir to work with default attr.st_mode (#152)
• Add new option to store output of non-interactive commands (#156)
• moved project dependencies to requirements.in file
• use command name of executable or link in help output

New Contributors

• @mlocutus made their first contribution in #152
• @thement made their first contribution in #156

Full Changelog: 4.0.0...4.1.0

⚠️ AppImage is broken for this release!

What's Changed

Added

• added configuration file to configure default values
• added info and PoC exploit for CVE-2023-25136
• mosh - added more information for decrypted packet
• added json logging format
• added client ip and port to client information #145

Fixed

• added workarround for git to avoid unexpected session termination when EOF was reveived
• added fix for GitHub git operations
• fixes #136 - set paramiko version to >=3,<3.2 to fix private api changes in paramiko

Changed

• set banner name only for server, not for client
• when output is piped to another application, the logformat is switched to json
• changed build system to hatch
• create AppImage with appimagetool instead of AppImage-Builder

Removed

• removed support for Python 3.7
• removed official support for Windows

New Contributors

• @luan1973 made their first contribution in #130

Full Changelog: 3.0.2...4.0.0

Added

• added requirements.txt which pins the tested packages

Fixed

• fixed infinite loop when client closes connection during authentication
• fixed errors when too much connection attemps happen for the same server
• close transport in probe_host, which can publickey auth lead to fail
• Bump cryptography from 39.0.0 to 39.0.1 by @dependabot in #126

New Contributors

• @dependabot made their first contribution in #126

Full Changelog: 3.0.1...3.0.2

What's Changed

Fixed

• fixed requirements for installation

Full Changelog: 3.0.0...3.0.1

⚠️ this release is broken

What's Changed

Added

• intercept MOSH connection and print decrypted data as hexdump
• added new function to get client information about used libraries
• added option to disable auth method lookup
• added indicator to docs, if vulnerability check is included in SSH-MITM
• added CVSS scores to vulnerability list in documentation
• added SHA512 fingerprint for server key
• added custom help formatter for cli arguments
• added option to disable auth method lookup

Fixed

• fixed reace condition when tools like pyinfra are intercepted
• fixed documentation about port forwarding to match SSH-MITM v2
• fixed description of CVE-2022-29154
• updated description of CVE-2020-15778

Changed

• changed documentation folder structure
• if mosh is detected, pty will be disabled
• replaced typing.text with str
• removed support for Python 3.6

Removed

• removed dependancy to python enhancements module
• remove unused methods and code
• removed unused update check

Full Changelog: 2.1.0...3.0.0

What's Changed

Added

• Test for CVE-2022-29154 (rsync file injection)
• Updated vulnerability database with new clients

Fixed

• fixed a bug which shows an empty cve list
• fixed finding clients which are derived from other clients
• fix #95 - added workarround for MonaXterms SecureBlackbox SSH implementation

Changed

• removed typecheck decorator

New Contributors

• @gitter-badger made their first contribution in #108

Full Changelog: 2.0.5...2.1.0

What's Changed

Fixed

• updated CVE-2020-14145 to match openSSH 8.9
• fixed client version check for vulnerabilities when using PuTTY
• fixed .bumpversion.cfg to work with original bump2version command
• catch connection errors during authentication
• fixed scp message order from client to server to match OpenSSH's behavior (found by @oddko #100)
• send server EOF and return code when closing scp channel (found by @oddko #100 , fixed by @zoey-fux #105,#106 )

New Contributors

• @zoey-fux made their first contribution in #105

Full Changelog: 2.0.4...2.0.5

What's Changed

Fixed

• close scp channel on EOF (found by @oddko)

Full Changelog: 2.0.3...2.0.4