when i run poc.py error:ImportError: No module named py3compat

Hi, @tintinweb !

I am getting lost when I am trying to reproduce this bug.

What is step 5 of PoC? Everything is reproduced until step 5. Is it the output of some other utility that is not specified in README?

My understanding is that the error message should be output of pscp. Am I getting is right?

Best,
Victor

楼主在吗，有问题咨询，关于dropbear

hi, i have solution for this exploit, and with your poc i have the way to access linux shell and bypass force command :)
maybe you're interesting with me 👍
mail: [email protected]

environment:

clients:

• openssh 7.7p1
• openssl 1.0.2o
• kali 2018-2
• python 2.7.15

server:

• openssh 6.6.1p1
• openssl 1.0.1f
• Ubuntu 14.0.4.1-LTS
• X11Forward yes

It seemed that I used this poc.py login as user2 successfully.
But when i typed ".info" or any other commands, it crashed like this.

Traceback (most recent call last):
  File "poc.py", line 152, in <module>
    LOGGER.info(ex.exploit_fwd_readfile(cmd.split(" ",1)[1]))
  File "poc.py", line 52, in exploit_fwd_readfile
    data = self.exploit("xxxx\nsource %s\n"%path)
  File "poc.py", line 38, in exploit
    session.request_x11(auth_cookie=cmd)
  File "/usr/lib/python2.7/dist-packages/paramiko/channel.py", line 63, in _check
    return func(self, *args, **kwds)
  File "/usr/lib/python2.7/dist-packages/paramiko/channel.py", line 474, in request_x11
    self._wait_for_event()
  File "/usr/lib/python2.7/dist-packages/paramiko/channel.py", line 1198, in _wait_for_event
    raise e
paramiko.ssh_exception.SSHException: Channel closed.

Hello

Is there a chance you are going to release the proof of concept for cve-2016-3116?
I am testing IoT devices and this cve came up in a couple, it would be nice to see if they can be exploited.