
CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Associated Vulnerability
Title: Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description: A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Source: openssh-cve-2024-6387.sh
Readme
# OpenSSH CVE-2024-6387

A vulnerability (CVE-2024-6387) has been discovered in OpenSSH. Successful exploitation of this vulnerability allows a remote, unauthenticated attacker to execute arbitrary code as root on the target machine.
All the glibc-based Linux distributions that have OpenSSH exposed are vulnerable to this issue.

## What should you do?
1. If you run virtual machines, bare-metal servers or other Linux hosts that are reachable from the Internet, update your firewall rules: block inbound TCP to SSH on whatever port it listens on, or restrict the allowed source IPs to trusted networks.
2. If OpenSSH must stay reachable, you can instead apply a configuration change that removes the race condition the exploit depends on. This is a runtime mitigation, not a fix. To make the sshd configuration change take effect, this script restarts the sshd service.

## Step by step:
1. Clone this repository
   ```
   git clone https://github.com/rumochnaya/openssh-cve-2024-6387.sh.git
   ```
2. Open the directory
   ```
   cd openssh-cve-2024-6387.sh
   ```
3. Make the script executable
   ```
   chmod +x openssh-cve-2024-6387.sh
   ```
4. Run the script
   ```
   sudo ./openssh-cve-2024-6387.sh
   ```

## Done!
Be careful: this is only a mitigation, so update your Linux packages (OpenSSH in particular) at the first opportunity.
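The advice above leaves two things a defender wants to check on a host: whether the installed OpenSSH falls in the affected version range, and whether the runtime mitigation is actually in effect. The following is an added example, not the repository's script; it assumes the affected ranges published upstream (before 4.4p1, and 8.5p1 up to but not including 9.8p1), that the runtime mitigation is `LoginGraceTime 0` as in the upstream advisory, and that the configuration is a plain sshd_config file without `Include` directives.

```shell
#!/bin/sh
# Added example, not the rumochnaya/openssh-cve-2024-6387.sh script itself.
# Two defender-side checks for CVE-2024-6387: classify an OpenSSH version string
# against the upstream affected range (before 4.4p1, and 8.5p1 up to but not
# including 9.8p1), and read the effective LoginGraceTime from an sshd_config,
# since LoginGraceTime 0 is the upstream runtime mitigation (it trades the RCE
# for DoS exposure: unauthenticated sessions are then never timed out).

# Prints "affected", "fixed" or "unknown" for a string such as `ssh -V` output.
# Caveat: distributions backport the fix without bumping the version, so
# "affected" means "check the vendor advisory", not "definitely exploitable".
vuln_by_version() {
    case "$1" in
        OpenSSH_[0-9]*.[0-9]*) ;;
        *) echo unknown; return 0 ;;
    esac
    rest=${1#OpenSSH_}            # "9.2p1 Debian-2+deb12u2"
    major=${rest%%.*}             # "9"
    rest=${rest#*.}               # "2p1 Debian-2+deb12u2"
    minor=${rest%%[!0-9]*}        # "2"
    case "$major" in *[!0-9]*|'') echo unknown; return 0 ;; esac
    num=$((major * 100 + minor))  # 9.2 -> 902, so ranges compare as integers
    if [ "$num" -lt 404 ] || { [ "$num" -ge 805 ] && [ "$num" -lt 908 ]; }; then
        echo affected
    else
        echo fixed
    fi
}

# Prints the effective LoginGraceTime from an sshd_config file, or "default"
# (120 seconds upstream) if unset. sshd keeps the first value it reads, so a
# later duplicate is ignored; keyword and value may be separated by whitespace
# or a single "=". Caveat: Include directives are not followed here.
login_grace_time_of() {
    awk 'BEGIN { FS = "[ \t=]+" }
         { sub(/^[ \t]+/, "") }    # strip indentation; $0 is re-split afterwards
         /^#/ || /^$/ { next }     # skip comments and blank lines
         tolower($1) == "logingracetime" { print $2; found = 1; exit }
         END { if (!found) print "default" }' "$1"
}

# Demo on a constructed config (not a real host's file).
demo_cfg=$(mktemp)
printf 'Port 22\nLoginGraceTime 0\n# duplicate below is ignored by sshd\nLoginGraceTime 120\n' > "$demo_cfg"
for v in "OpenSSH_4.3p2" "OpenSSH_7.4p1" "OpenSSH_8.9p1 Ubuntu-3ubuntu0.10" "OpenSSH_9.8p1"; do
    printf '%-36s %s\n' "$v" "$(vuln_by_version "$v")"
done
printf 'effective LoginGraceTime: %s\n' "$(login_grace_time_of "$demo_cfg")"
rm -f "$demo_cfg"
```

On a real host, feed `ssh -V 2>&1` to `vuln_by_version` and `/etc/ssh/sshd_config` to `login_grace_time_of`, and treat an "affected" result as a prompt to confirm against the distribution's changelog rather than as proof.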