Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-10933 PoC — libssh server-side state machine 安全漏洞

Source
https://github.com/marco-lancini/hunt-for-cve-2018-10933
Associated Vulnerability
Title:libssh server-side state machine 安全漏洞 (CVE-2018-10933)
Description:A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
Description
Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)
Readme
# Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)

Practical Guide explaining how to find hosts vulnerable to the libSSH Authentication Bypass (CVE-2018-10933) and how to exploit them to gain shell access.

Please refer to the following blog post for instructions: https://www.marcolancini.it/2018/blog-libssh-auth-bypass/
File Snapshot

 [4.0K]  /data/pocs/1cd44cf54612996d87f6e31f3bcb1c68645a56d0
├── [ 134]  grep_hashes.sh
├── [ 659]  hashes.txt
├── [1.7K]  kibana_search_ssh.json
├── [ 345]  README.md
└── [ 637]  scan_hassh.sh

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →