Exploiting `dsa.Verify` in Go (CVE-2019-17596)

Please see the associated blog post for details.

Running

Since versions of Go newer than 1.13.1 are patched, I;ve included a Dockerfile, that makes it easier to pin your Go version. Simply run Docker build:

docker build .

There are two files of interest:

dsa_test.go: Contains a test case for causing dsa.Verify to panic/
ssh_test.go: Contains a test case for making an crypto/ssh.Client to panic via an evil SSH Host Key.

Improvements, bugs, adding feature, etc:

Please open issues in Github for ideas, bugs, and general thoughts. Pull requests are of course preferred :)

License

poc-dsa-verify-CVE-2019-17596 is licensed under the Apache License, Version 2.0

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
.dockerignore		.dockerignore
Dockerfile		Dockerfile
LICENSE		LICENSE
NOTICE		NOTICE
README.md		README.md
dsa_test.go		dsa_test.go
go.mod		go.mod
go.sum		go.sum
shared_test.go		shared_test.go
ssh_test.go		ssh_test.go
test.sh		test.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.dockerignore

.dockerignore

Dockerfile

Dockerfile

LICENSE

LICENSE

NOTICE

NOTICE

README.md

README.md

dsa_test.go

dsa_test.go

go.mod

go.mod

go.sum

go.sum

shared_test.go

shared_test.go

ssh_test.go

ssh_test.go

test.sh

test.sh

Repository files navigation

Exploiting `dsa.Verify` in Go (CVE-2019-17596)

Running

Improvements, bugs, adding feature, etc:

License

About

Releases

Packages

Languages

License

pquerna/poc-dsa-verify-CVE-2019-17596

Folders and files

Latest commit

History

Repository files navigation

Exploiting dsa.Verify in Go (CVE-2019-17596)

Running

Improvements, bugs, adding feature, etc:

License

About

Resources

License

Stars

Watchers

Forks

Languages

Exploiting `dsa.Verify` in Go (CVE-2019-17596)