Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-38408 PoC — OpenSSH 代码问题漏洞

Source
https://github.com/kali-mx/CVE-2023-38408
Associated Vulnerability
Title:OpenSSH 代码问题漏洞 (CVE-2023-38408)
Description:The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Description
PoC for the recent critical vuln affecting OpenSSH versions < 9.3p2
Readme
# CVE-2023-38408
PoC for the recent critical vuln affecting OpenSSH versions &lt; 9.3p2\
Designed to work seamlessly with TryHackMe's free access lab environment covering this vuln.\
https://tryhackme.com/room/cve202338408

https://github.com/kali-mx/CVE-2023-38498/assets/76034874/21382c5b-9468-494d-93c7-ff2b996a4be5
File Snapshot

 [4.0K]  /data/pocs/39b8a344fcf1a314c4bd5036116c0e9fbecdbf64
├── [4.9K]  CVE-2023-38408.sh
└── [ 320]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →