Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-38408 PoC — OpenSSH 代码问题漏洞

Source
https://github.com/classic130/CVE-2023-38408
Associated Vulnerability
Title:OpenSSH 代码问题漏洞 (CVE-2023-38408)
Description:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 9.3p2之前版本存在安全漏洞,该漏洞源于ssh-agent的PKCS11功能存在安全问题。攻击者可利用该漏洞执行远程代码。
Description
CVE-2023-38408 Remote Code Execution in OpenSSH's forwarded ssh-agent
Readme
## Reference / info

https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
File Snapshot

 [4.0K]  /data/pocs/7d8b55bb8f7549f41c538ffb2354014ff868dada
├── [ 34K]  gpl-3.0.txt
├── [ 106]  README.md
├── [1.8K]  step1.sh
├── [ 13K]  step2.c
├── [2.9K]  step3.sh
├── [ 21K]  step4.c
├── [ 17K]  step5.c
└── [ 12K]  step6.c

0 directories, 8 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.