Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Source
https://github.com/RickGeex/CVE-2024-6387-Checker
Associated Vulnerability
Title:Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description:A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Description
CVE-2024-6387-Check is a streamlined and efficient tool created to detect servers operating on vulnerable versions of OpenSSH.
Readme
# CVE-2024-6387-Checker

## Description
CVE-2024-6387-Checker is a tool designed to identify servers running vulnerable versions of OpenSSH, specifically targeting the recently discovered regreSSHion vulnerability (CVE-2024-6387). This script facilitates rapid scanning of multiple IP addresses, domain names, and CIDR network ranges to detect potential vulnerabilities and ensure your infrastructure is secure.

## Features
- **Rapid Scanning**: Quickly scan multiple IP addresses, domain names, and CIDR ranges for the CVE-2024-6387 vulnerability.
- **Banner Retrieval**: Efficiently retrieves SSH banners without authentication.
- **Multi-threading**: Uses threading for concurrent checks, significantly reducing scan times.
- **Detailed Output**: Provides clear, emoji-coded output summarizing scan results.
- **Port Check**: Identifies closed ports and provides a summary of non-responsive hosts.

## Usage
```bash
python CVE-2024-6387.py <targets> [--port PORT]
```

### Examples
#### Single IP
```bash
python CVE-2024-6387.py 192.168.1.1
```

#### IPs from a list
```bash
python CVE-2024-6387.py -l ip_list.txt
```

#### Multiple IPs and Domains
```bash
python CVE-2024-6387.py 192.168.1.1 example.com 192.168.1.2
```

#### CIDR Range
```bash
python CVE-2024-6387.py 192.168.1.0/24
```

#### With Custom Port
```bash
python CVE-2024-6387.py 192.168.1.1 example.com --port 2222
```

## References
[Qualys Blog on regreSSHion Vulnerability](https://www.qualys.com/blog/2024/regresshion-vulnerability)
[Qualys TXT on regreSSHion Vulnerability](https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt)
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →