v1.0.4

This release merges some external work, and most importantly has new TUN functionality, allowing you set to use -w in ssh and set up full VPNs with your reverse ssh clients.

Unfortunately, this has increased binary size somewhat. So I would recommend compiling in release (make release), and using upx if that matters to you.

Features

• Implement support for TUN devices in the client, allowing full ICMP/UDP/TCP forwarding
• Full IDs are no longer needed when forwarding/connecting to a client, partial matches now work #49

Bug Fixes

• link -l will now print what callback server the binary was generated with #48
• Stop client if connect back address is invalid, rather than endlessly retrying it
• Timeout on initial local forward so that things like nmap dont wait forever

Changes

• Remove process hiding, the client fork will no longer pick a random benign process to change its argv[0] to

External Contributions

• @TechSupportJosh Changed timeouts on the webserver to 20 seconds in #47
• @exploide Improved RSSH client compatibility by improving the makefile in #51

Full Changelog: v1.0.3...v1.0.4

v1.0.3

This release has a bunch of fixes for bugs that people have sent in. It also has the starting work for versioning of clients with the new version command.

Bug Fixes

• Fix child dying on parent exit (caused by child using parents stdout/stderr)
• Check that shells in /etc/shell actually exist
• Properly remove webserver from mux when not in use
• Normalize client hostname when in fancy ls -t
• Increase initial timeout for ssh handshake for people who have to enter their ssh key password

Features

• New version command shows the current version of the server (git tag + git short hash)
• ls now shows client versions
• Improved multiplexer flood protection
• Add watch command, to show clients coming and going
• Add webhook support
• listen command can start/stop the rssh server port
• Makefile flag IGNORE will now cause clients to ignore all argv input
• authorized_keys now understands and respects the ssh from directive (allow/deny list for managing rssh clients)

Changes

• link expiry option removed as its not useful

Full Changelog: v1.0.2...v1.0.3

v1.0.2

This release adds a new subsystem (no, nothing to do with WSL) for windows, and a bug fix for the server.

• Adds windows service compatibility
• Adds subsystem to install and remove windows services
• Improve multi-protocol multiplexer (say that fast 5 times) to stop slow clients from deadlocking the server

The binary release are amd64 windows and linux binaries compiled with CGO and in debug.

v1.0.1

Small bump that fixes some rather important bugs.

• Fixes hostname normalization (hopefully once and for all)
• Fixes odd bug that would hang clients after multiple connections
• Adds sftp
• Adds setuid and setgid subsystem commands for linux

The binary release are amd64 windows and linux binaries compiled with CGO and in debug.

Full Changelog: v1.0.0...v1.0.1

v1.0.0

A binary release for those of us who dont have golang installed.

These binaries lack some of the more advanced features of RSSH, such as homeserver address embeddeding. They are also compiled with CGO enabled, which may cause issues on platforms that do not use libc, such as alpine.

x64 bit, linux and windows binaries.

Full Changelog: https://github.com/NHAS/reverse_ssh/commits/v1.0.0