Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Source
https://github.com/ACHUX21/checker-CVE-2024-6387
Associated Vulnerability
Title:Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description:A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Readme

# OpenSSH Vulnerability Checker

## Overview

This script scans a list of target IP addresses or ranges to determine if they are running vulnerable To CVE-2024-6387.

## Features

- Scans IP addresses, domain names, file paths containing IP addresses, or CIDR network ranges.
- Checks a specified port (default: 22) for OpenSSH service.
- Handles multiple targets concurrently using threading for efficient scanning.
- Reports non-vulnerable, vulnerable, and closed ports.
- Supports exclusion of specific OpenSSH versions known to be patched or not vulnerable.

## Requirements

- Python 3.x
- `argparse` module for command-line argument parsing.
- `ipaddress` module for handling IP addresses and CIDR notation.

## Usage

### Command Line Options

```bash
usage: openssh_checker.py [-h] [--port PORT] [-t TIMEOUT] [-l LIST] targets [targets ...]

Check if servers are running a vulnerable version of OpenSSH.

positional arguments:
  targets               IP addresses, domain names, file paths containing IP addresses, or CIDR network ranges.

optional arguments:
  -h, --help            show this help message and exit
  --port PORT           Port number to check (default: 22).
  -t TIMEOUT, --timeout TIMEOUT
                        Connection timeout in seconds (default: 1 second).
  -l LIST, --list LIST  File containing a list of IP addresses to check.
```

### Examples

1. Check a single IP address:
   ```bash
   python3 openssh_checker.py 192.168.1.1
   ```

2. Check multiple IP addresses from a file:
   ```bash
   python3 openssh_checker.py -l ip_list.txt
   ```

3. Check a CIDR range:
   ```bash
   python3 openssh_checker.py 192.168.1.0/24
   ```

## Output

The script outputs detailed information about each target:

- Servers not vulnerable to OpenSSH exploits.
- Servers likely vulnerable to OpenSSH exploits.
- Servers with closed SSH ports.
- Total number of targets scanned.

## Notes

- Ensure that you have appropriate permissions to scan the target hosts.
- Use responsibly and only on systems you are authorized to test.
File Snapshot

 [4.0K]  /data/pocs/3065dbf5d04bca965cc3d95a5b3c08a1a2ae834e
├── [4.1K]  openssh_checker.py
└── [2.0K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →