OpenSSH Pre-Auth Double Free CVE-2023-25136 POC<div class="markdown prose w-full break-words dark:prose-invert light"><h1>OpenSSH Pre-Auth Double Free CVE-2023-25136 POC</h1><p>This repository contains a Proof of Concept (POC) script to check for the OpenSSH Pre-Auth Double Free vulnerability (CVE-2023-25136) using the Paramiko library in Python.</p><h2>Prerequisites</h2><p>Before running this POC script, you need to make sure you have the following dependencies installed:</p><ul><li>Python 3.x</li><li>Paramiko library</li><li>termcolor library</li><li>argparse library</li></ul><p>You can install all of the requirements using pip:</p><pre><div class="bg-black rounded-md mb-4"><div class="flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans justify-between rounded-t-md"><span></span><button class="flex ml-auto gap-2"><svg stroke="currentColor" fill="none" stroke-width="2" viewBox="0 0 24 24" stroke-linecap="round" stroke-linejoin="round" class="h-4 w-4" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M16 4h2a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V6a2 2 0 0 1 2-2h2"></path><rect x="8" y="2" width="8" height="4" rx="1" ry="1"></rect></svg></button></div><div class="p-4 overflow-y-auto"><code class="!whitespace-pre hljs language-bash">pip install -r requirements.txt
</code></div></div></pre><h2>Usage</h2><p>To check for the vulnerability on a single IP address, run the script with the <code>-i</code> option followed by the IP address:</p><pre><div class="bg-black rounded-md mb-4"><div class="flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans justify-between rounded-t-md"><span></span><button class="flex ml-auto gap-2"><svg stroke="currentColor" fill="none" stroke-width="2" viewBox="0 0 24 24" stroke-linecap="round" stroke-linejoin="round" class="h-4 w-4" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M16 4h2a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V6a2 2 0 0 1 2-2h2"></path><rect x="8" y="2" width="8" height="4" rx="1" ry="1"></rect></svg></button></div><div class="p-4 overflow-y-auto"><code class="!whitespace-pre hljs language-bash">python CVE-2023-25136.py -i 192.168.1.1
</code></div></div></pre><p>To check for the vulnerability on multiple IP addresses, create a file containing a list of IP addresses (one per line) and run the script with the <code>-f</code> option followed by the file name:</p><pre><div class="bg-black rounded-md mb-4"><div class="flex items-center relative text-gray-200 bg-gray-800 px-4 py-2 text-xs font-sans justify-between rounded-t-md"><span></span><button class="flex ml-auto gap-2"><svg stroke="currentColor" fill="none" stroke-width="2" viewBox="0 0 24 24" stroke-linecap="round" stroke-linejoin="round" class="h-4 w-4" height="1em" width="1em" xmlns="http://www.w3.org/2000/svg"><path d="M16 4h2a2 2 0 0 1 2 2v14a2 2 0 0 1-2 2H6a2 2 0 0 1-2-2V6a2 2 0 0 1 2-2h2"></path><rect x="8" y="2" width="8" height="4" rx="1" ry="1"></rect></svg></button></div><div class="p-4 overflow-y-auto"><code class="!whitespace-pre hljs language-bash">python CVE-2023-25136.py -f ip_list.txt
</code></div></div></pre><h2>Output</h2><p>The script will output whether each IP address is vulnerable or not. If an IP address is vulnerable, it will be printed in green text, and if it is not vulnerable, it will be printed in red text.</p><h2>Disclaimer</h2><p>This POC script is for educational and testing purposes only. Do not use it to exploit the vulnerability on any system that you do not own or have permission to test. The authors of this POC script are not responsible for any misuse or damage caused by its use.</p></div>
[4.0K] /data/pocs/b390af0ced848e90c7175fbcb9915639d797f7d8
├── [2.0K] CVE-2023-25136.py
├── [1.0K] LICENSE
├── [3.6K] README.md
└── [ 31] requirements.txt
0 directories, 4 files