zacharimayer/ssh-exploit

CVE-2023-25136

OpenSSH 9.1 vulnerability mass scan and exploit

Description

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible." https://nvd.nist.gov/vuln/detail/CVE-2023-25136
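
For patch triage on hosts you administer, the version range above can be checked against SSH identification strings that are already in an asset inventory. This is an added example, not code from this repository; the host names and banners are constructed samples, and it parses the version numerically so that a hypothetical "9.10" is not mistaken for 9.1.

```python
import re

# RFC 4253 section 4.2 identification string:
#   "SSH-protoversion-softwareversion SP comments"
IDENT = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")
# Upstream OpenSSH software version: OpenSSH_<major>.<minor>[p<n>]...
OPENSSH = re.compile(r"^OpenSSH_(\d+)\.(\d+)")

AFFECTED = (9, 1)  # from the description: introduced in 9.1, fixed in 9.2


def classify_banner(banner: str) -> str:
    """Classify one identification string by its reported version."""
    ident = IDENT.match(banner.strip())
    if ident is None:
        return "unparseable"
    sw = OPENSSH.match(ident.group(2))
    if sw is None:
        # Other servers and vendor-renamed builds: review by hand.
        return "other-software"
    version = (int(sw.group(1)), int(sw.group(2)))
    return "affected-version" if version == AFFECTED else "other-version"


def triage(inventory: dict) -> dict:
    """Group host names by classification, hosts in sorted order."""
    groups = {}
    for host, banner in sorted(inventory.items()):
        groups.setdefault(classify_banner(banner), []).append(host)
    return groups


# Constructed sample inventory (host name -> banner recorded earlier).
SAMPLE = {
    "host-a": "SSH-2.0-OpenSSH_9.1",
    "host-b": "SSH-2.0-OpenSSH_9.1p1 Debian-2",
    "host-c": "SSH-2.0-OpenSSH_9.2p1",
    "host-d": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1",
    "host-e": "SSH-2.0-OpenSSH_9.10",  # hypothetical version string
    "host-f": "SSH-2.0-dropbear_2022.83",
    "host-g": "HTTP/1.1 400 Bad Request",
}

if __name__ == "__main__":
    for label, hosts in triage(SAMPLE).items():
        print(f"{label}: {', '.join(hosts)}")
```

A match reflects only the version the server reports; confirm against the installed package, since a vendor build can carry the fix without changing the banner.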

Use

  1. Run the scan.py script and enter the name of the file containing the IP addresses: python scan.py

  2. Run the exploit.py script and enter the vulnerable IP address: python exploit.py

Requirements

The script runs on Python 3. If you don't have the libraries installed, they will be installed when you run the program.

• paramiko: to install it just type pip install paramiko

• colorama: to install it just type pip install colorama

LEGAL

This script is intended for educational purposes only. The use of this script for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state, and federal laws. Be careful.
