POC for CVE-2024-6387 Remote Code Execution

No video

POC for CVE-2024-6387 Remote Code Execution | Bug bounty poc

Рет қаралды 2,969

Ай бұрын

// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing & bug hunting so that we can protect ourselves against the real hackers..
//LINKS: t.me/mr0rh
⚠The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated RCE as root on glibc-based Linux systems; that presents a significant security risk.
📊62.1M+ Services are found on hunter.how
music:
credit by @𝙇𝙤𝙨𝙩𝙨𝙚𝙘
POC for CVE-2024-6387 ssh Remote Code Execution | Bug bounty poc

Пікірлер: 27

@hometrailer4865 Ай бұрын

Wtf where is the POC skid

@Warning_Zone 20 күн бұрын

If you got them also tell me

@davidtancredi5658 25 күн бұрын

Next time you use a template from another researcher (me..), at least have the decency to give credit where it is due. Funny you did not even bother changing the template name but straight out copied "cve-2024-6387-new.yaml" without knowing that the "new" tag I added was because I messed up the regex during testing. Sad.

@flowback6481 24 күн бұрын

活捉大佬 your video is so cool , I am your Fans~ 😀

@3jee387 Ай бұрын

this only scans... show an actual rce next time

@darkmix4192 Ай бұрын

Brother this is only scanning process...next do manual, do you know manual test? I know and I reported lot in openssh server but doesn't respond that organisation. Now I leave the cve.

@rajibhassen3 29 күн бұрын

bro, i cna give the complete process on youtube if i want. due to some youtube rules and regulations I can't show as an expert. you can google it if you wnat

@Warning_Zone 20 күн бұрын

@@rajibhassen3please provide any link or make any cheap course on it

@kemeliaafrinkethi6606 Ай бұрын

This template is open source

@davidtancredi5658 25 күн бұрын

Yup , my template to be precise 😅

@heyiamuday Ай бұрын

Bro I didn't find nuclei template

@rajibhassen3 Ай бұрын

This is private template bro

@kemeliaafrinkethi6606 Ай бұрын

@@rajibhassen3 no it is open source

@davidtancredi5658 25 күн бұрын

As a matter of fact, my private template, which is in fact open source and available in my git repo 😂@@kemeliaafrinkethi6606

@davidtancredi5658 23 күн бұрын

Enjoy

@100SHEMKUMARP Ай бұрын

how exploit that server

@rajibhassen3 Ай бұрын

Google koren

@shingareom 29 күн бұрын

Bro give the full credit to the song owner.

@rajibhassen3 29 күн бұрын

who owns the song?

@shingareom 29 күн бұрын

@@rajibhassen3 lostsec bro.

@tempermail5735 Ай бұрын

script kiddie

@JoshTWO-ml5mo Ай бұрын

How to Exploit?

@rajibhassen3 Ай бұрын

Given in my Telegram channel

@valentinodentesano4182 Ай бұрын

@@rajibhassen3 you didnt

@RonaldoPiedade-zl1gv Ай бұрын

@@rajibhassen3what is ur telegram channel bro?

@darkmix4192 Ай бұрын

Hi brother I'm intermidiat researcher and coffinxp student, I know this concept cve....next process try ssh command to exploit then some commands to monitoring the race condition attack. Then you'll take rce attack.@@valentinodentesano4182