OpenSSH AllowTcpForwarding configuration parameter is sometimes used as a measure of SSH servers hardening in order to complicate tunnel creation. This kind of restriction may complicate the task in those circumstances where it is necessary to use a hop machine in order to carry out a web security audit (or during any pentest phase). Therefore, a small tool called SaSSHimi has been created in order to evade AllowTcpForwarding easily. SaSSHimi can be downloaded from our GitHub. 0x01 – The problem - SSH Forwarding It is usual to find restrictions in hardening SSH connections, for example the use of AllowTcpForwarding configuration parameter in order to avoid SSH tunnels use in the connection. But, as it is very well explained in ...