CVE-2018-7750 PoC — Paramiko SSH服务器实现授权问题漏洞

Source

https://github.com/tlavi00/CVE-2018-7750

Associated Vulnerability

Title:Paramiko SSH服务器实现授权问题漏洞 (CVE-2018-7750)
Description:Paramiko是一个基于Python的SSH协议库。SSH server是其中的一个SSH服务器。 Paramiko中的SSH服务器实现的transport.py文件存在安全漏洞，该漏洞源于程序在处理其他请求之前没有正确的检测身份验证是否完成。攻击者可利用该漏洞绕过身份验证，以下版本受到影响：Paramiko 1.17.6之前版本，1.18.5之前的1.18.x版本，2.0.8之前的2.0.x版本，2.1.5之前的2.1.x版本，2.2.3之前的2.2.x版本，2.3.2之前的2.3.x版本，2.4.1

Readme

# CVE-2018-7750

Copied from https://www.exploit-db.com/exploits/45712 for archive

File Snapshot


 [4.0K]  /data/pocs/6272caba2fbf3f5bf5d3a83b1e7bce37b2f4b32d
├── [1.1K]  poc.py
└── [  83]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!