v2.6.20

This is a tiny release which fixes an unreported potential race condition in the multiplexer.

It also upgrades modules and includes some additional instructions about using RSSH with Potato class exploits (such as GodPotato) where starting a shell may fail.

v2.6.19

This release adds a few quality of life changes.

Features:

• RSSH can now read server fingerprint and destination from files (using --fingerprint-file and --destination-file respectively #205, #206 )
• The SSH version string can now be changed with either --version-string or using the link command with link --version-string, these will always have the prefix SSH- as that is part of the SSH protocol, #202
• The private key that the client uses can now be overridden with the command like argument --private-key-path #200, to enable packaging

v2.6.18

This release fixes a regression which would cause remote reverse forwards to fall. It also fixes a previously undiscovered crash in the client when supplying bad URLs as an executable.

Bug Fixes:

• Fix ChannelOpenDirectMsg ordering in remote forward only (second time doing this)
• Ensure that urls are not nil before calling .Query() on them

v2.6.17

This is a small release containing a fix for a nil pointer dereference.

Bug Fix:

• The server will no longer crash if a user connects to an rssh client, then quits their terminal window/ends their ssh session without quitting their connection to the RSSH client (#196)

Changes:

• All session/exec handlers can now be recovered if a panic occurs

v2.6.16

A tiny release to fix a bug where the watch command may deadlock.

v2.6.15

This is a small release that fixes a few user interface bugs, and improves the NTLM handling for linux.

Bug Fixes:

• When using the connect directive in the server console, after exiting a client ctrl + d now works to quit the server console ( and characters typed are better handled in general)
• On the server console CTRL + C now works similar to bash, producing a fresh prompt
• New warning when no user authorised keys are present
• When doing an NTLM negotiation take the domain from the user specified arguments to create the NTLMSSP_Challenge message (read more about this here: #188)

Big thank you to both @stacksparrow4 and @durck for these changes!

v2.6.14

This is a small release that fixes a couple bugs and adds a quality of life features.

Features:

• The link command now takes a new argument --use-host-header which will use the HTTP host header to generate the callback ip when using templated downloads

Bug Fixes:

• When the client loses server connection, it will now close any remote forwards it had open, otherwise reopening your remote forwards is impossible.
• Fix an issue where the ip address given from forwarding the server port would be unparsable, stopping connections from working properly when pivoting.

Thanks to @wrighterase

v2.6.13

This release brings NTLM proxy support to the linux version of the RSSH client and enables the rssh client to correctly forward ipv6 addresses.

Features:

• Add cross-platform NTLM proxy authentication support by @nollium in #186
• link now supports --ntlm-proxy-creds argument to supply ntlm credentials e.g 'DOMAIN\USER:PASS'
• The rssh client now supports --ntlm-proxy-creds argument with same format for credentials.

Bug Fixes:

• The RSSH client now supports forwarding to ipv6 addresses correctly (was broken due to some incorrect concatenation
• Server now prints out ipv6+port correctly

v2.6.9

This release incorporates changes made by @wrighterase to add finer controls to log level output in the client.

Features:

• link now has an additional argument --log-level
• clients now have an additional argument --log-level
• link -l will now show the log level baked in to a client
• The log command can now dynamically set a clients logging level with --log-level e.g log -c <client_name> --log-level WARNING will only show warnings

Changes:

• Dependencies have been updated
• Clients default log level (when generated via link) will now be set from server default (can be set with RSSH_LOG_LEVEL)

Bug fixes:

• Fix small issue where log level wasn't properly respected in some cases

v2.6.8

Fix a rather annoying regression where RSSH clients would fail to connect due to missing their embedded private key. After me missing a line removal from a fork.

Features:

• Added work to support corporate kerberos enabled proxies thanks to @durck

Changes:

• Improved proxy env variable handling by making case sensitive and including all values to try as potential proxies fixes #182