paramiko has an auth bypass vuln (found in March 2018), ie. CVE-2018-7750
which can be leveraged to execute arbitrary command (if the ssh server implementation supports command execution)
anything that uses paramiko for ssh implementation, we can do things on it, unauthed
https://github.com/jm33-m0/CVE-2018-7750
# Exploit …
a lot of script kiddies know how to write their own SysV service file or modify the existing ones, fortunate for them, SysVinit is still widely supported in Linux world. Debian family choose to keep their SysVinit compatability …
more ...hi all, ive created new PGP key for my personal email address, and the old one 73690B57 is being deprecated
ill not respond to unencrypted emails
also, feel free to exchange public key in the comment section
more ...