CVE-2024-6387 RegreSSHion PoC
Version: v1.2
Difficulty: Advanced
Updated: 2025-01-15
Category: Exploits & 0days

$249.99

CVE-2024-6387 — RegreSSHion OpenSSH Pre-Auth RCE

Complete and documented exploit for the race condition vulnerability in the OpenSSH server signal handler (versions 8.5p1 to 9.7p1). This piece includes:

  • Exploit in C — Compilable source code that exploits the race condition in the SIGALRM handler during authentication. Optimized for glibc-based Linux (x86_64).
  • Detection script — Remote fingerprinting of vulnerable SSH versions without requiring authentication.
  • Timing guide — Documentation on adjusting timing parameters based on network latency and target server load.
  • Payload templates — Shellcode templates for reverse shell and bind shell post-exploitation.

Requirements: a Linux attacker machine with gcc, and a target running OpenSSH 8.5p1-9.7p1 on glibc Linux.

Note: Exploitation requires ~10,000 attempts on average (~6-8 hours). This is not a one-shot — it is a real race condition that demands patience and fine-tuning.