POC for CVE-2024-6387 Remote Code Execution | Bug bounty poc
Вставка
- Опубліковано 23 сер 2024
- // Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing & bug hunting so that we can protect ourselves against the real hackers..
//LINKS: t.me/mr0rh
⚠The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated RCE as root on glibc-based Linux systems; that presents a significant security risk.
📊62.1M+ Services are found on hunter.how
music:
credit by @𝙇𝙤𝙨𝙩𝙨𝙚𝙘
POC for CVE-2024-6387 ssh Remote Code Execution | Bug bounty poc
Next time you use a template from another researcher (me..), at least have the decency to give credit where it is due. Funny you did not even bother changing the template name but straight out copied "cve-2024-6387-new.yaml" without knowing that the "new" tag I added was because I messed up the regex during testing. Sad.
活捉大佬 your video is so cool , I am your Fans~ 😀
Wtf where is the POC skid
If you got them also tell me
this only scans... show an actual rce next time
Brother this is only scanning process...next do manual, do you know manual test? I know and I reported lot in openssh server but doesn't respond that organisation. Now I leave the cve.
bro, i cna give the complete process on youtube if i want. due to some youtube rules and regulations I can't show as an expert. you can google it if you wnat
@@rajibhassen3please provide any link or make any cheap course on it
This template is open source
Yup , my template to be precise 😅
Bro I didn't find nuclei template
This is private template bro
@@rajibhassen3 no it is open source
As a matter of fact, my private template, which is in fact open source and available in my git repo 😂@@kemeliaafrinkethi6606
Enjoy
script kiddie
Bro give the full credit to the song owner.
who owns the song?
@@rajibhassen3 lostsec bro.
how exploit that server
Google koren
Lostsec fanboy
How to Exploit?
Given in my Telegram channel
@@rajibhassen3 you didnt
@@rajibhassen3what is ur telegram channel bro?
Hi brother I'm intermidiat researcher and coffinxp student, I know this concept cve....next process try ssh command to exploit then some commands to monitoring the race condition attack. Then you'll take rce attack.@@valentinodentesano4182