POC for CVE-2024-6387 Remote Code Execution | Bug bounty poc
Ойын-сауық
// Disclaimer //
Hacking without permission is illegal. This channel is strictly educational for learning about cyber-security in the areas of ethical hacking and penetration testing & bug hunting so that we can protect ourselves against the real hackers..
//LINKS: t.me/mr0rh
⚠The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated RCE as root on glibc-based Linux systems; that presents a significant security risk.
📊62.1M+ Services are found on hunter.how
music:
credit by @𝙇𝙤𝙨𝙩𝙨𝙚𝙘
POC for CVE-2024-6387 ssh Remote Code Execution | Bug bounty poc
Пікірлер: 27
Next time you use a template from another researcher (me..), at least have the decency to give credit where it is due. Funny you did not even bother changing the template name but straight out copied "cve-2024-6387-new.yaml" without knowing that the "new" tag I added was because I messed up the regex during testing. Sad.
@flowback6481
10 күн бұрын
活捉大佬 your video is so cool , I am your Fans~ 😀
Wtf where is the POC skid
@Warning_Zone
7 күн бұрын
If you got them also tell me
this only scans... show an actual rce next time
Brother this is only scanning process...next do manual, do you know manual test? I know and I reported lot in openssh server but doesn't respond that organisation. Now I leave the cve.
@rajibhassen3
16 күн бұрын
bro, i cna give the complete process on youtube if i want. due to some youtube rules and regulations I can't show as an expert. you can google it if you wnat
@Warning_Zone
7 күн бұрын
@@rajibhassen3please provide any link or make any cheap course on it
This template is open source
@davidtancredi5658
11 күн бұрын
Yup , my template to be precise 😅
Bro I didn't find nuclei template
@rajibhassen3
19 күн бұрын
This is private template bro
@kemeliaafrinkethi6606
19 күн бұрын
@@rajibhassen3 no it is open source
@davidtancredi5658
11 күн бұрын
As a matter of fact, my private template, which is in fact open source and available in my git repo 😂@@kemeliaafrinkethi6606
@davidtancredi5658
9 күн бұрын
Enjoy
Bro give the full credit to the song owner.
@rajibhassen3
16 күн бұрын
who owns the song?
@shingareom
16 күн бұрын
@@rajibhassen3 lostsec bro.
how exploit that server
@rajibhassen3
17 күн бұрын
Google koren
script kiddie
Lostsec fanboy
How to Exploit?
@rajibhassen3
20 күн бұрын
Given in my Telegram channel
@valentinodentesano4182
19 күн бұрын
@@rajibhassen3 you didnt
@RonaldoPiedade-zl1gv
16 күн бұрын
@@rajibhassen3what is ur telegram channel bro?
@darkmix4192
16 күн бұрын
Hi brother I'm intermidiat researcher and coffinxp student, I know this concept cve....next process try ssh command to exploit then some commands to monitoring the race condition attack. Then you'll take rce attack.@@valentinodentesano4182