v2.6.14

This is a small release that fixes a couple bugs and adds a quality of life features.

Features:

• The link command now takes a new argument --use-host-header which will use the HTTP host header to generate the callback ip when using templated downloads

Bug Fixes:

• When the client loses server connection, it will now close any remote forwards it had open, otherwise reopening your remote forwards is impossible.
• Fix an issue where the ip address given from forwarding the server port would be unparsable, stopping connections from working properly when pivoting.

Thanks to @wrighterase

v2.6.13

This release brings NTLM proxy support to the linux version of the RSSH client and enables the rssh client to correctly forward ipv6 addresses.

Features:

• Add cross-platform NTLM proxy authentication support by @nollium in #186
• link now supports --ntlm-proxy-creds argument to supply ntlm credentials e.g 'DOMAIN\USER:PASS'
• The rssh client now supports --ntlm-proxy-creds argument with same format for credentials.

Bug Fixes:

• The RSSH client now supports forwarding to ipv6 addresses correctly (was broken due to some incorrect concatenation
• Server now prints out ipv6+port correctly

v2.6.9

This release incorporates changes made by @wrighterase to add finer controls to log level output in the client.

Features:

• link now has an additional argument --log-level
• clients now have an additional argument --log-level
• link -l will now show the log level baked in to a client
• The log command can now dynamically set a clients logging level with --log-level e.g log -c <client_name> --log-level WARNING will only show warnings

Changes:

• Dependencies have been updated
• Clients default log level (when generated via link) will now be set from server default (can be set with RSSH_LOG_LEVEL)

Bug fixes:

• Fix small issue where log level wasn't properly respected in some cases

v2.6.8

Fix a rather annoying regression where RSSH clients would fail to connect due to missing their embedded private key. After me missing a line removal from a fork.

Features:

• Added work to support corporate kerberos enabled proxies thanks to @durck

Changes:

• Improved proxy env variable handling by making case sensitive and including all values to try as potential proxies fixes #182

v2.6.6

This release brings a few QoL and functional improvements helpfully contributed by @wrighterase

Features:

• The garble option in the link command now supports lzma compression for better RSSH client sizes
• Log Level control, the --log-level cli flag or RSSH_LOG_LEVEL env variable now lets you define now noisy the RSSH server log is, with DISABLED, INFO, WARNING, ERROR and FATAL options
• You can now change the server console label from catcher$ using the cli flag --console-label or env variable RSSH_CONSOLE_LABEL, helpful for differentiating different RSSH server instances

Public Key for this release:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGuhBJ2e5tAhdWtJeXqzjnWBSH8eSZJ9yOLJvAmW2Egg 

v2.6.4

This is a ghost release with no binaries, it updates the docker container to point to the development release (@master) branch of garble to resolve #174

v2.6.3

This release is a tiny release just replacing the inet.af package with its github hosted equivalent, as the taliban control the .af TLD

This fixes #176

v2.6.2

This release adds a minor new feature and fixes a small edge case bug.

Feature:

• When using download handlers for file execution (e.g ssh -J localhost:3232 nhas.me rssh://busybox ls /) it is now possible to supply a url parameter which specifies what the argv[0] should be. For example ssh -J localhost:3232 nhas.me rssh://busybox\?argv=busybox ls /

Bug Fix:

• Closes #175 the jump handler was passing in the wrong server connection, and thus the ssh client would get a rssh-download request instead of the server. This stopped jump host downloading of shells from working properly.

v2.6.1

Like any good fix to a long standing bug, this is fix part two where I actually fix it totally.

Bug fixes:

• Stop congestion control issues due to packets being chopped in half at higher transfer speeds
• Expose internal SSH structures to read data packet by packet for tun device

Changes:

• Logging for tun has changed to show stats rather than all connections. This should also speed things up

Thanks to @lachlan2k

v2.6.0

This release brings a long awaited fix to RSSH's tuntap functionality which closes out a long standing bug that causes connections break randomly.
It also brings some quality of life improvements.

Fixes:

• Tun devices will now actually send data if multiple packets are sent at once

New Features:

• New console command log allows you to see client binary stdout/logging output on the server itself, or direct logging output to a file
• clear command clears the server console
• Raw TCP downloading is now possible, rather than having to use http to host client binaries you can now connect to the server control port. Check out link --raw-download, thanks to @stacksparrow4 for suggesting it
• The automatic bash script generated by appending .sh to links can now be configured to write the binary to a specific folder with link --working-directory

Public Key for this release:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3MrSqUg34VLQJe/z485GhRvSlDh2Qihxs4ARL4PZ+1