Skip to content
/ libSSH-Authentication-Bypass Public
forked from blacknbunny/CVE-2018-10933

Spawn to shell without any credentials by using CVE-2018-10933

0 stars 116 forks Branches Tags Activity
Star

secwsstest/libSSH-Authentication-Bypass

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
README.md
README.md
 
 
bypasswithfakekey.py
bypasswithfakekey.py
 
 
libsshauthbypass.py
libsshauthbypass.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

libSSH-Authentication-Bypass

Spawn to shell without any credentials by using CVE-2018-10933

Information about CVE-2018-10933 by libSSH : https://www.libssh.org/security/advisories/CVE-2018-10933.txt

Bugfix Release by libSSH : https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/

Create a vulnerable ssh server or directly use tool to bypass remote server:

Download, uncompress and build the vulnerable libSSH Version : https://www.libssh.org/files/0.7/libssh-0.7.4.tar.xz

And then compile and run libSSH on your own server with ssh.

PWD: /libssh-0.7.4/build/examples/samplesshd-cb
./samplesshd-cb --dsakey==yourdsakey 127.0.0.1 --port=2222

libSSH Authentication Bypass with two different tools

If you have got any fake ssh keys use the second bypasswithfakekey.py

pip install -r requirements.txt
If paramiko==2.0.8 doesn't works try : pip install paramiko==2.4.2

Usage:

python libsshauthbypass.py --help
python bypasswithkey.py --help

Shodan.io libSSH

About

Spawn to shell without any credentials by using CVE-2018-10933

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%