CVE-2023-38408
Severity: CRITICAL | Status: EXPLOITED
OpenSSH < 9.3p2 - Remote Code Execution via PKCS#11 Untrusted Search Path
Exploitation Summary
CVE-2023-38408 has been observed being exploited in the wild (reported by VulnCheck KEV). EIP tracks 11 public exploits from researchers including kali-mx, LucasPDiniz, Adel2411.
AI-analyzed exploit summary
This repository contains a functional exploit script for CVE-2023-38408, targeting OpenSSH versions before 9.3p2. The script automates the exploitation process by leveraging ssh-agent forwarding to achieve remote code execution via shellcode injection.
Description
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Exploits (11)
This repository provides a functional proof-of-concept exploit for CVE-2023-38408, demonstrating how an attacker can leverage OpenSSH's PKCS#11 feature to achieve remote code execution by injecting shellcode into the ssh-agent process via a forwarded agent socket.
This repository provides a detailed technical analysis of CVE-2023-38408, a vulnerability in OpenSSH's ssh-agent that allows remote code execution via malicious PKCS#11 provider loading. It includes background concepts, attack flow analysis, and mitigation strategies.
The repository contains a scanner for CVE-2023-38408, which checks OpenSSH versions for vulnerability by parsing SSH banners. It does not include functional exploit code but provides detailed technical analysis and steps for exploitation.
This repository contains a functional exploit for CVE-2023-38408, a remote code execution vulnerability in OpenSSH's forwarded ssh-agent. The exploit is structured in multiple steps, including shell scripts and C programs, to achieve RCE by manipulating the ssh-agent.
This script automates the installation of a vulnerable version of OpenSSH (9.6p1) to demonstrate CVE-2023-38408. It removes existing OpenSSH packages, compiles and installs the vulnerable version, and configures the service to run.
The repository contains no actual exploit code or technical details, only a vague reference to CVE-2023-38408 and a link to an external 'Full Report'. This is characteristic of a social engineering lure.
This repository provides a detailed technical analysis of CVE-2023-38408, an OpenSSH vulnerability related to SSH agent forwarding that allows remote code execution on the client. It includes root cause analysis, exploitation scenarios, patch behavior, and mitigation strategies.
This script exploits CVE-2023-38408 by injecting an SSH key into the authorized_keys file, setting up an SSH agent socket, and executing shellcode via a bind shell. It requires interaction with a target system to establish a reverse connection.
The repository contains only a README file with minimal information, referencing a presentation slide and source code for a CS-782 attack presentation. No actual exploit code or technical details are provided.
This repository contains a Python-based scanner for CVE-2023-38408, which checks if an OpenSSH server is running a vulnerable version (< 9.3p2) by parsing the SSH banner. It does not exploit the vulnerability but detects it via version checking.
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H