Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-38408 PoC — OpenSSH 代码问题漏洞

Source
https://github.com/fazilbaig1/cve_2023_38408_scanner
Associated Vulnerability
Title:OpenSSH 代码问题漏洞 (CVE-2023-38408)
Description:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 9.3p2之前版本存在安全漏洞,该漏洞源于ssh-agent的PKCS11功能存在安全问题。攻击者可利用该漏洞执行远程代码。
Description
Vulnerability Overview CVE-2023-38408 affects OpenSSH versions < 9.3p2 and stems from improper validation of data when SSH agent forwarding is enabled. When users connect to a remote server with ssh -A, they allow the agent on their local machine to be used for authentication to further systems
Readme
# cve_2023_38408_scanner
Vulnerability Overview CVE-2023-38408 affects OpenSSH versions &lt; 9.3p2 

USE :python cve_2023_38408_scanner.py -t {ip} -p {port}
File Snapshot

 [4.0K]  /data/pocs/70c87b9a220f7626292d26f665497783edb70aa3
├── [2.2K]  cve_2023_38408_scanner.py
└── [ 157]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.