|
|
Exploits
Members Area
Services
Premium Partners
Statistics
| Unique Visits Visits: 21234 Visits Today: 32 Visits this page: 338 |
| Page Views Views: 530441 Views Today: 717 Views this page: 960 |
PoC of Denial of Service in SSH Daemons
Date : 14:02:08 23.04.2008 Posted by: Glafkos CharalambousThis is a proof of concept of a DOS in misconfigured SSH daemons (which is default in some distros), an example is the OpenSSH (any version, any plataform) with no definition of MaxStartups in sshd_config, to read about problem, see my post on:
http://archive.netbsd.se/?ml=secureshell&a=2006-08&t=2257506
or
http://www.derkeiler.com/Mailing-Lists/securityfocus/Secure_Shell/2006-08/msg00030.html
Well, with this DOS, you can block any user to login on remote machine, a big problem for some admins which are isolated from machine =)
To use the PoC:
~# python poc.py –help
Screenshot
Download PoC: SSHD PoC
Requirements: Python 2.3+ / Linux or Windows
Related hyperlinks
http://www.joomla.com.br/b....br/blog/2008/04/17/poc-of-denial-of-service-in-ssh-daemons/
25.11.2008 - Domain hijack fears over Gmail exploit 29.09.2008 - Passport snooping public servant faces year in the can 29.09.2008 - Grey hat hair hacker suspect charged in Maserati extortion case 23.04.2008 - Chinese hackers call off CNN attack 23.04.2008 - Microsoft: Finding flaws on our website is OK 23.04.2008 - Friends Reunited killer gets life 23.04.2008 - PoC of Denial of Service in SSH Daemons 17.04.2008 - Macs run Vista better than PCs 17.04.2008 - Action urged on web child abuse 17.04.2008 - MySQL chief recommits to Linux under SunMore News
Events
IT Training
Access Keys
Link with us
Recommended Links
