WhereMyTunnels

v1.2.0 suspicious
6.0
Medium Risk

Tool for viewing SSH connections

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a high credential risk due to potential SSH key handling and has low maintainer activity, which raises concerns about its legitimacy and security posture.

  • High credential risk (8/10) associated with potential SSH key handling.
  • Low maintainer activity and poor metadata quality.
Per-check LLM notes
  • Network: No network calls detected, which is normal and not indicative of malicious activity.
  • Shell: Shell commands observed are related to code formatting and checking with 'ruff', which is consistent with development practices and does not indicate malicious activity.
  • Obfuscation: No obfuscation patterns detected.
  • Credentials: Potential credential harvesting as it references private SSH keys.
  • Metadata: The package shows low maintainer activity and poor metadata quality, raising suspicion but not conclusive evidence of malice.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • ruff_formatting(): assert subprocess.run("ruff format . --check", shell=True, capture_output=True, ch
  • st_ruff_check(): result = subprocess.run("ruff check . --show-fixes", shell=True, capture_output=True
  • .run("ruff format . --check", shell=True, capture_output=True, check=True) def test_ruff_check():
  • ("ruff check . --show-fixes", shell=True, capture_output=True, check=False) assert re.search(r"\
Credential Harvesting score 7.5

Found 3 credential access pattern(s)

  • ( ["ssh", "-i", "~/.ssh/id_rsa", "host"], SshArguments( username=None,
  • value_arguments=[("i", "~/.ssh/id_rsa")], flags=[], raw_arguments=["ssh",
  • raw_arguments=["ssh", "-i", "~/.ssh/id_rsa", "host"], ), "identity_spaced", ),
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with WhereMyTunnels 
Create a user-friendly desktop application named 'SSH Inspector' using Python and the 'WhereMyTunnels' package. This application will serve as a visual tool to monitor and manage SSH connections on your local machine. The goal is to provide users with an intuitive interface where they can easily view, control, and manage their active SSH tunnels. Here’s a step-by-step guide on how to develop this application:

1. **Setup Environment**: Ensure you have Python installed along with necessary libraries such as PyQT5 or Tkinter for the GUI and 'WhereMyTunnels' for SSH tunnel management.
2. **GUI Design**: Use PyQT5 or Tkinter to design a clean and responsive GUI. The main window should display a list of all active SSH tunnels, their status (active/inactive), and details like remote/local ports and IP addresses.
3. **Integration with 'WhereMyTunnels'**: Utilize 'WhereMyTunnels' to fetch information about all active SSH tunnels. Implement functions within your app to start, stop, and restart these tunnels.
4. **Advanced Features**:
   - **Search Functionality**: Allow users to search for specific tunnels based on keywords or tunnel IDs.
   - **Tunnel Details**: Provide an option to view detailed information about each tunnel, including creation time, last activity time, and error logs if any.
   - **Alert System**: Integrate an alert system that notifies users via pop-ups or email when a tunnel fails or is idle for too long.
   - **Logs Export**: Offer functionality to export tunnel logs and other relevant data to a file or cloud storage.
5. **Testing**: Thoroughly test the application to ensure it works seamlessly across different operating systems and handles edge cases gracefully.
6. **Deployment**: Package the application using tools like PyInstaller so that it can be easily distributed and run on various machines without requiring end-users to install additional software.

This project aims not only to showcase the capabilities of 'WhereMyTunnels' but also to create a valuable tool for network administrators and developers managing multiple SSH tunnels.