CVE-2024-45337 PoC — Golang Go crypto 安全漏洞

Source

https://github.com/NHAS/VULNERABLE-CVE-2024-45337

Associated Vulnerability

Title:Golang Go crypto 安全漏洞 (CVE-2024-45337)
Description:Golang Go crypto是Golang社区的一款基于 Go 语言的加密代码库。 Golang Go crypto存在安全漏洞，该漏洞源于容易受到授权绕过的影响。

Description

An example project that showcases golang code vulnerable to CVE-2024-45337

Readme

# VULNERABLE-CVE-2024-45337
An example project that showcases golang code vulnerable to CVE-2024-45337. 

This is a companion project to: https://github.com/NHAS/CVE-2024-45337-POC

So you have something to exploit.


## Usage

```sh
go run solver.go -authorised-pubkey id_ed25519.pub -allowed <SSH FINGER PRINT HERE>
```

File Snapshot


 [4.0K]  /data/pocs/058e0c05ddaf383d07d694ac0b62c25d8d114e6d
├── [ 143]  go.mod
├── [ 467]  go.sum
├── [3.2K]  main.go
└── [ 321]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!