This document presents a Python script designed to test the vulnerability CVE-2024-6387, identified in OpenSSH. This vulnerability is a race condition in the SIGALRM signal handler that can allow remote code execution (RCE) on glibc-based Linux systems. The script was generated by an artificial intelligence for educational and security research purposes.
- Identifier: CVE-2024-6387
- Description: A race condition in OpenSSH, reintroduced by a code change in October 2020, allows an attacker to invoke non-async-signal-safe functions in the SIGALRM handler.
- Impact: Remote code execution as root on vulnerable systems.
- Affected Versions: OpenSSH 8.5p1 to 9.8p1.
The script attempts to trigger the race condition by establishing numerous connections to the targeted SSH server. Each attempt sends specially crafted packets to test the timing and exploit the vulnerability.
but you find more info about the exploit here: https://github.com/zgzhang/cve-2024-6387-poc/blob/main/regresshion.txt