Collaborate Disseminate
The big news this week was that OpenSSH has an unauthorized Remote Code Execution exploit. Or more precisely, it had one that was fixed in 2006, that was unintentionally re-introduced …read more Continue reading This Week in Security: Hide Yo SSH, Polyfill, and Packing It Up
The big news this week was that OpenSSH has an unauthorized Remote Code Execution exploit. Or more precisely, it had one that was fixed in 2006, that was unintentionally re-introduced …read more Continue reading This Week in Security: Hide Yo SSH, Polyfill, and Packing It Up
The ssh-keygen command to generate the pair of keys files can use the -t option. According to Ubuntu Noble’s man ssh-keygen for the mentioned option, it indicates:
-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa
Specifi… Continue reading OpenSSH 9.6p1: What is the best key type for the ssh-keygen command through the -t option?
It’s a serious one:
The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects sshd in its default configuration.
[…]
This vulnerability, if exploited, could lead to full system compromise where an attacker can execute arbitrary code with the highest privileges, resulting in a complete system takeover, installation of malware, data manipulation, and the creation of backdoors for persistent access. It could facilitate network propagation, allowing attackers to use a compromised system as a foothold to traverse and exploit other vulnerable systems within the organization…
A critical vulnerability in OpenSSH (regreSSHion) allows attackers full access to servers! Millions at risk. Learn how to… Continue reading regreSSHion: Critical Vulnerability in OpenSSH Exposes Millions of Servers
I have a VM with a Cloud Provider that I am able to SSH into. I’ve recently read about RegreSSHion (the reappearance of CVE-2006-5051, as CVE-2024-6387), and I’m wanting to make sure that I wasn’t exploited.
The article I read on DarkReadi… Continue reading How to tell if RegreSSHion was exploited (CVE-2024-6387)
Difference between
ssh aryan@za.tryhackme.com
ssh za\\aryan@thmjmp2.za.tryhackme.com ?
Both login methods are giving me SSH access but some files/folders are accessible via the latter while not via the former?
I am learning and practicing on vulnerable-by-design machines (vulnhub, metasploitable etc.). I found that this machine is running OpenSSH 7.5, and I tried a few exploits of Username enumeration from ExploitDB, which all ask for a wordlist… Continue reading Pentesters: Is it common for bruteforce/ dictionary attacks, e.g. for SSH username enumeration, to be successful in the real-world pentests? [closed]
In this article, we analyze XZ backdoor behavior inside OpenSSH, after it has achieved RSA-related function hook. Continue reading XZ backdoor: Hook analysis
I created three gpg subkeys stored on my YubiKey as described here. I added enable-ssh-support and enable-putty-support to my gpg-agent.conf file. Everything works when accessing a server with the ssh-key generated by gpg –export-ssh-key … Continue reading Windows YubiKey GPG works with putty but not terminal [migrated]