KHracker-0.3-1.fc25.noarch.rpm


Advertisement

Description

KHracker - Known Hosts Entry Decrypter

Distribution: Fedora 25
Repository: CERT Forensics Tools x86_64
Package name: KHracker
Package version: 0.3
Package release: 1.fc25
Package architecture: noarch
Package type: rpm
Installed size: 232.87 KB
Download size: 192.03 KB
Official Mirror: forensics.cert.org
KHracker is a python-based decryption tool for encrypted known_hosts entries. It will attempt to decrypt values stored in SSH known_hosts files, if the encryption option has been enabled for that computer. By default, known_hosts entries are not encrypted, but there is an option to do so. From a forensics perspective, encrypted known_hosts entries can prevent an investigator from seeing other computers a user may have been connecting to. Information about the connections made from a system can be integral to identifying a complete understanding of the systems involved in a network intrusion or incident response case.

Alternatives

Requires

Provides

  • KHracker = 0.3-1.fc25

    Download

    Install Howto

    1. Download cert-forensics-tools-release-25 rpm:
      https://forensics.cert.org/cert-forensics-tools-release-25.rpm
    2. Install cert-forensics-tools-release-25 rpm:
      # rpm -Uvh cert-forensics-tools-release*rpm
    3. Install KHracker rpm package:
      # dnf --enablerepo=forensics install KHracker

    Files

    • /usr/bin/KHracker
    • /usr/share/doc/KHracker/KHracker.pdf

    Changelog

    2011-09-13 - Kevin Moore <kevinm@cert.org> 0.3-1 * Release 0.3-1 Initial release

    Advertisement
    Advertisement