Proof of concept code / Exploit
-----------------------------------------------------------
In December 16, 2002 Rapid 7.Inc released a security alert about
vulnerabilities in ssh2 implementations from multiple vendors. We have
used the concept to code this exploit/proof of concept.
It's a fake server to exploit the putty client. To test it you need to
change the url in the shellcode; that file will be downloaded and run
on exploitation.
This is intented for educational/testing purposes.
-----------------------------------------------------------
Developed by:
Rand ( jcamilleri (at) ono (dot) com [email concealed] )
Dani ( dani (at) iproyectos (dot) net [email concealed] )
I-PROYECTOS Division Seguridad (Security Research)
-----------------------------------------------------------
2003 seguridad (at) iproyectos (dot) net [email concealed]
Proof of concept code / Exploit
-----------------------------------------------------------
In December 16, 2002 Rapid 7.Inc released a security alert about
vulnerabilities in ssh2 implementations from multiple vendors. We have
used the concept to code this exploit/proof of concept.
It's a fake server to exploit the putty client. To test it you need to
change the url in the shellcode; that file will be downloaded and run
on exploitation.
This is intented for educational/testing purposes.
-----------------------------------------------------------
Developed by:
Rand ( jcamilleri (at) ono (dot) com [email concealed] )
Dani ( dani (at) iproyectos (dot) net [email concealed] )
[ reply ]