PoC of Denial of Service in SSH Daemons
This is a proof of concept of a DoS against misconfigured SSH daemons (a configuration that is the default in some distros). An example is OpenSSH (any version, any platform) with no definition of MaxStartups in sshd_config. To read about the problem, see my post at:
http://archive.netbsd.se/?ml=secureshell&a=2006-08&t=2257506
or
http://www.derkeiler.com/Mailing-Lists/securityfocus/Secure_Shell/2006-08/msg00030.html
Well, with this DoS, you can block any user from logging in to the remote machine, a big problem for admins who are isolated from the machine =)
To use the PoC:
~# python poc.py --help
Download PoC: SSHD PoC
Requirements: Python 2.3+ / Linux or Windows
Yours,
- Perone
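A defender-side check for the setting this post is about, added here as an example and not part of the post's PoC: it reads sshd_config text and reports whether MaxStartups is explicitly set and well-formed. The function names and sample configs are constructed for illustration, and Include files are not followed.

```python
import re

# Constructed sample configs (not taken from any real host).
UNSET = "Port 22\n#MaxStartups 10:30:100\nPermitRootLogin no\n"
RATE_LIMITED = "port 22\nmaxstartups = 10:30:60\nMatch User backup\n  X11Forwarding no\n"

def parse_max_startups(config_text):
    """Return (start, rate, full) for the first MaxStartups line, or None if unset."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment; a commented-out setting does not count
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()  # sshd_config keywords are case-insensitive
        if keyword == "match":
            break  # MaxStartups is a global option; stop at the first Match block
        if keyword != "maxstartups":
            continue
        value = parts[1].split()[0] if len(parts) > 1 and parts[1].split() else ""
        m = re.fullmatch(r"(\d+)(?::(\d+):(\d+))?", value)
        if not m:
            raise ValueError("malformed MaxStartups value: %r" % value)
        start = int(m.group(1))
        if m.group(2) is None:
            return (start, 100, start)  # single number: hard limit, shown as N:100:N
        return (start, int(m.group(2)), int(m.group(3)))  # first occurrence wins
    return None

def audit(config_text):
    """Classify a config as 'unset', 'invalid' or 'set' with a short detail string."""
    try:
        spec = parse_max_startups(config_text)
    except ValueError as exc:
        return ("invalid", str(exc))
    if spec is None:
        return ("unset", "no MaxStartups line; the daemon runs on its built-in default")
    start, rate, full = spec
    if start > full or not 1 <= rate <= 100:
        return ("invalid", "start must be <= full and rate within 1..100")
    return ("set", "%d:%d:%d" % spec)

if __name__ == "__main__":
    for name, text in (("UNSET", UNSET), ("RATE_LIMITED", RATE_LIMITED)):
        print(name, audit(text))
```

An "unset" result is the case the post describes: the daemon is running on whatever default its build ships with.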
