Pentest-Tools.com, Security Research Engineer
I have a deep-rooted passion for unravelling the complexities of cybersecurity. I seek ways to make systems do what they were not programmed to do. I like to 'move fast and break things' and learn new concepts while using my technical expertise to improve security systems.
I have a deep-rooted passion for unravelling the complexities of cybersecurity. I seek ways to make systems do what they were not programmed to do. I like to 'move fast and break things' and learn new concepts while using my technical expertise to improve security systems.
CVE-2024-6387, aka regreSSHion, is a new critical vulnerability affecting OpenSSH which remote, unauthenticated attackers can use to execute remote code. But there's more to this CVE than meets the eye
The SSH backdoor would allow remote unauthenticated attackers to achieve remote code execution on the infected systems bypassing the authentication in place. From the information available at the time of writing, the backdoor seems to work only on GNU Linux x86/64 when the SSH server is run as a service by Systemd. Moreover, the library should have been installed by a packet manager. For the exploit to work, one should also expose the SSH server to the Internet so the attacker can interact remotely with it.
I’m gonna help you get the answers you need by demonstrating how to go beyond authentication bypass and achieve RCE using CVE-2023-22515 and CVE-2023-22518. Together we’ll explore their root causes and how to demonstrate the risk involved if an attacker uses these CVEs successfully.
