Critical OpenSSH Vulnerability (CVE-2024-6387) Exploit Released


A proof-of-concept (PoC) exploit for the critical OpenSSH vulnerability CVE-2024-6387 has been released. The flaw allows unauthenticated remote attackers to execute arbitrary code on vulnerable servers, posing a serious risk to exposed systems.

CVE-2024-6387

The vulnerability is a signal-handler race condition in OpenSSH's server daemon (sshd). If a client fails to authenticate within LoginGraceTime, sshd's SIGALRM handler runs, and that handler calls functions that are not async-signal-safe.

The PoC exploit, published by GitHub user YassDEV221608, targets 32-bit OpenSSH servers on Linux systems that use the GNU C Library (glibc). OpenBSD systems are not affected by this flaw.

According to Exploit Finder, the exploit abuses the race condition in sshd's SIGALRM handler, which fires when an authentication attempt times out. A successful race lets an attacker execute code and gain root access.

Although the exploit needs many attempts before it succeeds, cybersecurity expert Schwartz highlights its severe potential impact. OpenSSH developers have confirmed that only certain versions are affected and recommend applying patches promptly.

For those investigating the exploit, a vulnerable OpenSSH environment can be set up using Docker. A sample Dockerfile is provided for this purpose.

PoC Script Targeting CVE-2024-6387

CVE-2024-6387.py: A PoC Script for Scanning and Exploiting Vulnerable Servers

import argparse
import threading
import socket  # imported by the published skeleton; unused in this stub
import time    # imported by the published skeleton; unused in this stub

def exploit_vulnerability(target_ip, target_port):
    # Logic to exploit CVE-2024-6387
    # (This is a simplified demonstration; the published skeleton contains no exploit logic)
    print(f"Exploiting target: {target_ip}:{target_port}")
    # Add actual exploitation code here...

def main():
    parser = argparse.ArgumentParser(description='CVE-2024-6387 PoC Exploit Script')
    parser.add_argument('-T', '--targets', required=True,
                        help='Comma-separated target IP addresses or domain names')
    # type=int added: the original passed the port through as a string
    parser.add_argument('-p', '--port', type=int, default=22,
                        help='Port number to exploit (default: 22)')
    args = parser.parse_args()

    targets = args.targets.split(',')
    threads = []
    # One worker thread per target; each just prints in this skeleton
    for target in targets:
        thread = threading.Thread(target=exploit_vulnerability, args=(target, args.port))
        threads.append(thread)
        thread.start()
    for thread in threads:
        thread.join()

if __name__ == "__main__":
    main()


Admins should update OpenSSH to the latest patched versions to address CVE-2024-6387. Limiting login attempts and improving logging can further reduce risk: because the exploit needs many timed-out authentication attempts, a burst of LoginGraceTime timeouts from one source is a useful detection signal. Organizations are urged to check for vulnerable hosts and apply updates promptly.
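To show what "improving logging" can buy a defender here, the following is an added example (not code from the article or from the PoC author). It scans sshd log lines for the grace-timeout message that the vulnerable SIGALRM handler emits ("Timeout before authentication for <addr> port <port>"), and flags sources that produce an unusual number of such timeouts within a sliding window. The threshold (20) and window (600 seconds) are assumed tunables, the syslog line layout is assumed to be the common "Mon DD HH:MM:SS host sshd[pid]: ..." form, and the sample log is constructed for the demonstration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# sshd logs this line when LoginGraceTime expires; the port suffix is
# optional so older formats without it still match.
TIMEOUT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Timeout before authentication for (?P<src>[0-9a-fA-F.:]+)(?: port \d+)?"
)


def parse_timeouts(lines, year=2024):
    """Yield (timestamp, source_ip) for every grace-timeout line.

    Syslog timestamps carry no year, so one is supplied (assumption: 2024).
    """
    for line in lines:
        m = TIMEOUT_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
        yield ts, m.group("src")


def find_bursts(lines, threshold=20, window_seconds=600):
    """Return {source_ip: peak_count} for sources that reach `threshold`
    grace timeouts inside any `window_seconds` span (lines must be in time order)."""
    recent = defaultdict(deque)   # per-source timestamps inside the window
    peaks = {}
    for ts, src in parse_timeouts(lines):
        q = recent[src]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks


def build_sample_log():
    """Constructed sample: one stray timeout from a legitimate host, then a
    burst of 25 timeouts in four minutes from a single source (documentation
    addresses 198.51.100.7 and 203.0.113.9)."""
    lines = [
        "Jul  1 03:12:05 bastion sshd[4021]: Accepted publickey for alice "
        "from 198.51.100.7 port 50122 ssh2",
        "Jul  1 03:14:40 bastion sshd[4050]: Timeout before authentication "
        "for 198.51.100.7 port 50130",
    ]
    for i in range(25):
        sec = 15 * 60 + 10 * i  # seconds after 03:00:00, one timeout every 10 s
        lines.append(
            f"Jul  1 03:{sec // 60:02d}:{sec % 60:02d} bastion sshd[{4100 + i}]: "
            f"Timeout before authentication for 203.0.113.9 port {40000 + i}"
        )
    return lines


if __name__ == "__main__":
    for src, count in find_bursts(build_sample_log()).items():
        print(f"ALERT: {src} hit {count} LoginGraceTime timeouts within 10 minutes")
```

The single timeout from 198.51.100.7 stays below the threshold and is ignored; 203.0.113.9 is reported with a peak of 25. In production the same logic runs over journald or auth.log output, and the alert is a reason to block the source and confirm the host's OpenSSH build is patched.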
