-
Notifications
You must be signed in to change notification settings - Fork 126
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CVE-2016-2563] confused with PoC #6
Comments
Hi @VictorYYW, that's pscp on windows debugged with windbg. the output shown is from windbg. cheers, |
Oh, I see. I am trying to reproduce it in Debian docker container. What I have is that, Is it the expected behavior? If not, do you have any suggestion? Thank you for your time! @tintinweb |
@VictorYYW Verify that you're running a vulnerable version of pscp. It unexpectedly closes the connection because it crashes. attach gdb to
cheers |
@tintinweb I just checked the source file and found the vulnerable code remained not fixed. I have a basic knowledge of gdb. Here's what I have found. |
Hi, @tintinweb !
I am getting lost when I am trying to reproduce this bug.
What is step 5 of PoC? Everything is reproduced until step 5. Is it the output of some other utility that is not specified in README?
My understanding is that the error message should be output of pscp. Am I getting is right?
Best,
Victor
The text was updated successfully, but these errors were encountered: