doyensec/SSHNuke_info

SSHNuke_info

This repo pairs with the !exploitable Episode Two - Enter the Matrix blog post.

SSHNuke, aka the exploit used by Trinity in The Matrix Reloaded, attacks OpenSSH versions prior to 2.3.0.

main.c re-implements the vulnerability in the simplest possible package. This lets you prototype your own basic exploits to understand this famous vulnerability.

Build instructions

gcc -g main.c

That's it: you get an a.out that accepts the exploit buffer over stdin.

If you want to cheat, switch to the cheat branch and see a crash example.

Credit

  • Code is 99% copy/pasted from OpenSSH with an attempt to retain all copyrights
  • Dennis Goodlett of Doyensec wrote only the main function
  • Vulnerability originally discovered by Michal Zalewski ref