MCPcopy Index your code
hub / github.com/0xdeadbeefnetwork/ssh-keysign-pwn

github.com/0xdeadbeefnetwork/ssh-keysign-pwn @main

Chat with this repo
repository ↗ · DeepWiki ↗ · + Follow
6 symbols 8 edges 4 files 0 documented · 0%
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

ssh-keysign-pwn

"It is a fearful thing to fall into the hands of the living God." — Hebrews 10:31

Read root-owned files as an unprivileged user. Pre-31e62c2ebbfd kernels (everything in stable as of 2026-05-14).

demo

The bug

__ptrace_may_access() skips the dumpable check when task->mm == NULL. do_exit() runs exit_mm() before exit_files() — no mm, fds still there. pidfd_getfd(2) succeeds in that window when the caller's uid matches the target's.

Reported by Qualys, fixed by Linus 2026-05-14. Jann Horn flagged the FD-theft shape in October 2020. Six years.

Targets

sshkeysign_pwn — pulls /etc/ssh/ssh_host_{ecdsa,ed25519,rsa}_key. ssh-keysign.c opens them (mode 0600) before permanently_set_uid(), then bails on EnableSSHKeysign=no with the fds still open. Same shape since 2002.

chage_pwn — pulls /etc/shadow. chage -l <user> calls spw_open(O_RDONLY) then setreuid(ruid, ruid). Both args set means uid=euid=suid=ruid: full drop. Race the exit, lift the shadow fd, crack the root hash offline.

Build and run

make
./sshkeysign_pwn          # host keys
./chage_pwn root          # /etc/shadow content

Either prints the file on stdout. Hits in 100–2000 spawns.

Confirmed

Raspberry Pi OS Bookworm 6.12.75, Debian 13, Ubuntu 22.04 / 24.04 / 26.04, Arch, CentOS 9.

Controlled-target PoC

vuln_target.c opens /etc/shadow then drops. exploit_vuln_target.c shows EPERM while it's alive and the steal post-SIGKILL.

sudo install -m 4755 vuln_target /usr/local/bin/vuln_target
./exploit_vuln_target /usr/local/bin/vuln_target
https://nvd.nist.gov/vuln/detail/CVE-2026-46333

Core symbols most depended-on inside this repo

pidfd_open
called by 1
sshkeysign_pwn.c
pidfd_getfd
called by 1
sshkeysign_pwn.c
main
called by 0
sshkeysign_pwn.c
main
called by 0
chage_pwn.c
main
called by 0
exploit_vuln_target.c
main
called by 0
vuln_target.c

Shape

Function 6

Languages

C100%

Modules by API surface

sshkeysign_pwn.c3 symbols
vuln_target.c1 symbols
exploit_vuln_target.c1 symbols
chage_pwn.c1 symbols

For agents

$ claude mcp add ssh-keysign-pwn \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact