CVE-2023-25136

The repository contains a scanner for CVE-2023-25136, which targets OpenSSH 9.1's pre-authentication double-free vulnerability. The scripts check for vulnerability by attempting to connect to SSH servers but do not include functional exploit code for arbitrary code execution.

The repository contains a Python script that checks for the presence of CVE-2023-25136 (OpenSSH Pre-Auth Double Free) by attempting to establish an SSH connection with a specific client ID. It does not exploit the vulnerability but scans for its presence.

This repository contains a functional Python-based Proof-of-Concept (PoC) for CVE-2023-25136, a double-free vulnerability in OpenSSH 9.1p1. The PoC uses the `paramiko` library to trigger the vulnerability, causing a denial-of-service (DoS) condition by forcing an abort crash.

The repository claims to exploit CVE-2023-25136 (OpenSSH 9.1 double-free vulnerability) but provides no functional exploit code. The 'exploit.py' script only attempts a basic SSH connection without triggering the vulnerability, while 'scan.py' is a simple SSH scanner. The README lacks technical details and relies on screenshots and generic descriptions.

The repository contains two Python scripts that attempt to detect CVE-2023-25136 in OpenSSH 9.1 by sending a crafted SSH version string and checking for vulnerability. However, the scripts do not include actual exploit code for achieving remote code execution.

This repository provides a detailed technical analysis of CVE-2023-25136, a pre-authentication double-free vulnerability in OpenSSH. It includes a walkthrough of the vulnerability, root cause analysis, and a Python-based Proof-of-Concept (PoC) using Paramiko to trigger the crash.

The repository contains a Python script that checks for the presence of CVE-2023-25136, a pre-authentication double-free vulnerability in OpenSSH versions 9.1 to 9.2. It does not exploit the vulnerability but scans for its presence by attempting to establish an SSH connection with a specific client version string.

The repository contains a scanner for CVE-2023-25136, which checks for vulnerable OpenSSH servers by verifying the SSH banner and attempting a connection. It does not exploit the vulnerability but identifies potentially vulnerable targets.

This repository provides a Python-based tool that scans for OpenSSH versions 9.0 and 9.1, which are potentially vulnerable to CVE-2023-25136. It does not exploit the vulnerability but checks the SSH version via an SSH connection.

The repository contains a Python script that attaches to an sshd process to debug and exploit a double-free vulnerability (CVE-2023-25136) in OpenSSH 9.1p1. The script uses GDB to set breakpoints and inspect memory, targeting the `kex_assemble_names` function where the vulnerability occurs.

This repository provides a functional PoC for CVE-2023-25136, an OpenSSH 9.1p1 pre-authentication double free vulnerability. It includes a Dockerized environment to reproduce the DoS effect and a Python script to trigger the vulnerability.