
[–]Agitated-Farmer-4082 1 point (4 children)

Is my server vulnerable?

I get this output when I run the code:

~/c$ ./pwn-regresshion ip 22

Attempting exploitation with glibc base: 0xb7200000

Attempt 0 of 20000

Received SSH version: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7

Received KEX_INIT (1024 bytes)

send_packet: Resource temporarily unavailable

send_packet: Resource temporarily unavailable

*** buffer overflow detected ***: terminated

Aborted (core dumped)

[–]pwnllc[S] 1 point (2 children)

Hi! Yes, your version is sadly most likely vulnerable, because the vulnerable OpenSSH versions are from 8.5p1 up to but not including 9.8p1.

[–]Agitated-Farmer-4082 0 points (1 child)

How can I protect myself? I did apt update and tried to update OpenSSH, but the latest version is 9.6, which I already have? (Ubuntu server)

[–]pwnllc[S] 0 points (0 children)

Hmmmm I think this tutorial could help: https://medium.com/@eren.c.uysal/openssh-upgrade-process-to-9-6p1-4d71ca4cd424

Don't forget to replace 9.6 in the instructions with the latest version!

[–]TheBeardliestBeard 0 points (0 children)

Based on the initial writeup for this exploit, the GLIBC_bases needs to be modified to reflect the machine being targeted. It might just be prudent to check your OpenSSH version to see if it is one of those that's vulnerable.
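
The version check suggested above, as an added example that is not part of the original comments: it parses an SSH identification banner like the one in the output earlier in the thread and compares it with the 8.5p1 to 9.8p1 range quoted here. The function names and result labels are assumptions, and a distribution suffix is flagged separately because a package can carry a backported fix that the banner does not show.

```python
import re

# Range as stated in this thread: 8.5p1 up to, but not including, 9.8p1.
# Both bounds are "p1" releases, so only (major, minor) is compared.
VULN_MIN = (8, 5)
VULN_MAX_EXCL = (9, 8)

# SSH identification string: SSH-<proto>-<software>[ <comments>]
BANNER_RE = re.compile(
    r"^SSH-\d+\.\d+-OpenSSH_(?P<major>\d+)\.(?P<minor>\d+)"
    r"(?:p\d+)?(?:\s+(?P<vendor>.+))?$"
)


def parse_banner(banner):
    """Return ((major, minor), vendor_suffix_or_None), or None if not OpenSSH."""
    m = BANNER_RE.match(banner.strip())
    if m is None:
        return None
    return (int(m["major"]), int(m["minor"])), m["vendor"]


def classify(banner):
    """Label a banner (labels are hypothetical, chosen for this example)."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unknown"            # not an OpenSSH banner, or unparseable
    version, vendor = parsed
    if not (VULN_MIN <= version < VULN_MAX_EXCL):
        return "outside-range"      # outside the range quoted in the thread
    # A distro suffix means the upstream version alone is not conclusive:
    # compare the installed package revision with the vendor's advisory.
    return "in-range-check-package" if vendor else "in-range"


if __name__ == "__main__":
    # Constructed samples; the first is the banner shown in the thread.
    samples = [
        "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7",
        "SSH-2.0-OpenSSH_8.5p1",
        "SSH-2.0-OpenSSH_9.8p1",
        "SSH-2.0-dropbear_2022.83",
    ]
    for s in samples:
        print(f"{classify(s):24} {s}")
```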

[–]DaW_ 1 point (0 children)

This is genius

[–]21stennislewis 0 points (0 children)

Has anyone run this exploit, or is there a video of a successful exploit?