Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Source
https://github.com/sardine-web/CVE-2024-6387-template
Associated Vulnerability
Title:Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description:A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Description
Quick regreSSHion checker (based on software version) for nuclei CVE-2024-6387
Readme
<h2>CVE-2024-6387 Nuclei Template</h2>

Quick regreSSHion checker (based on software version) for nuclei CVE-2024-6387.

<h2>Dorks</h2>

  - FOFA
    
    - Link🔗: https://en.fofa.info/result?qbase64=YXBwPSJPcGVuU1NIIg%3D%3D
  
    -  Query: app="OpenSSH"
   
  - Netlas
    
      - Link🔗: https://app.netlas.io/responses/?q=tag.openssh.version%3A%28%3E%3D8.5%20AND%20%3C9.8%29%20OR%20tag.openssh.version%3A%28%3C4.4%29&page=1&indices=
    
      - Query: tag.openssh.version:(>=8.5 AND <9.8) OR tag.openssh.version:(<4.4)
        
  - hunter.how
    
      - Link🔗: https://hunter.how/list?searchValue=product.name%3D%22OpenSSH%22
        
      - Query: /product.name="OpenSSH"

# Disclaimer

This template is created for educational purposes only. Unauthorized use of this template on systems you do not own or have explicit permission to test is illegal and unethical. Use this tool responsibly and only on systems where you have permission to perform security testing.

# License

This project is licensed under the MIT License.

Author: Sardine Web
File Snapshot

 [4.0K]  /data/pocs/0dd1995cb81413e42e3e8d0cadd7968a2a5e4f6e
├── [ 622]  CVE-2024-6387.yaml
└── [1.0K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →