CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Associated Vulnerability
Title: Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description: A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Description
This Go program scans targets for CVE-2024-6387 in OpenSSH, categorizing servers by vulnerability status and port availability.
Readme
# OpenSSH CVE-2024-6387 Vulnerability Scanner
![CVE-2024-6387](https://github.com/SecWithMoh/CVE-2024-6387/blob/main/run.png)

**🔒 Overview:**

This Go program scans targets for CVE-2024-6387 in OpenSSH, categorizing servers by vulnerability status and port availability. It supports various target types including IP addresses, domain names, files with lists of targets, and CIDR notations. The tool checks if port 22 (default) is open on each target and retrieves the SSH banner to match against known vulnerable OpenSSH versions. Results are categorized into servers likely vulnerable, not vulnerable, or with port 22 closed. Detailed usage instructions and examples are provided for easy integration into security assessments and network monitoring workflows.
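
The banner matching described above can be sketched as follows. This is an added example, not the repository's `main.go`: the type and function names are hypothetical, the sample banners are constructed, and the ranges used are the upstream affected ranges for CVE-2024-6387 (before 4.4p1, and 8.5p1 up to but not including 9.8p1).

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
)

// Verdict and ClassifyBanner are names chosen for this example (hypothetical).
type Verdict string

const (
	LikelyVulnerable Verdict = "likely vulnerable"
	NotVulnerable    Verdict = "not vulnerable"
	Unknown          Verdict = "unknown"
)

// bannerRe extracts major.minor from an SSH identification string.
var bannerRe = regexp.MustCompile(`^SSH-\d+\.\d+-OpenSSH_(\d+)\.(\d+)`)

// ClassifyBanner applies the upstream ranges: < 4.4 and 8.5 <= v < 9.8 are
// affected. The patch suffix (p1, p2) does not change the outcome.
func ClassifyBanner(banner string) Verdict {
	m := bannerRe.FindStringSubmatch(banner)
	if m == nil {
		return Unknown // not OpenSSH, or the banner was changed or hidden
	}
	major, errMaj := strconv.Atoi(m[1])
	minor, errMin := strconv.Atoi(m[2])
	if errMaj != nil || errMin != nil || major > 99 || minor > 99 {
		return Unknown
	}
	switch v := major*100 + minor; {
	case v < 404: // before 4.4p1 (the CVE-2006-5051 fix)
		return LikelyVulnerable
	case v < 805: // 4.4p1 up to 8.4: fix present
		return NotVulnerable
	case v < 908: // 8.5p1 up to 9.7: regression present
		return LikelyVulnerable
	}
	return NotVulnerable // 9.8p1 and later
}

func main() {
	// Constructed sample banners, not captured from real hosts.
	for _, b := range []string{"SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2", "SSH-2.0-OpenSSH_7.4", "SSH-2.0-dropbear_2022.83"} {
		fmt.Printf("%-42s %s\n", b, ClassifyBanner(b))
	}
}
```

A banner match is only an indicator: distribution builds can carry a backported fix without changing the upstream version string, so confirm a "likely vulnerable" result against the installed package version.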

**🚀 Usage:**

1. **Clone the repository:**
   ```bash
   git clone https://github.com/SecWithMoh/CVE-2024-6387.git
   cd CVE-2024-6387
   ```

2. **Build the executable:**
   ```bash
   go build
   ```

3. **Prepare targets:**
   - Specify targets as IP addresses, domain names, file paths containing lists of targets, or CIDR network ranges.

4. **Run the scanner:**
   - Execute the program with specified options and targets:
     ```bash
     ./CVE-2024-6387 target1 target2 ...
     ```

   - Example with custom port and timeout:
     ```bash
     ./CVE-2024-6387 -port 2222 -timeout 2.5 target1
     ```

5. **Review results:**
   - View categorized results on the terminal:
     - Servers not vulnerable.
     - Servers likely vulnerable (with details of vulnerable versions).
     - Servers with port 22 closed.
     - Total scanned targets.

6. **File output:**
   - If servers are found vulnerable, their details are written to `exploitable.txt`.

**🛠️ Contributing:**

- Contributions are welcome via pull requests.
- Fork the repository, create a new branch, and submit your enhancements.
- Report bugs or suggest improvements by creating Issues on GitHub.

**📄 License:**

This project is licensed under the GNU General Public License v3.0 - see the [LICENSE](https://github.com/SecWithMoh/GGE/blob/main/LICENSE) file for details.

File Snapshot

```
[4.0K] /data/pocs/a8471996cdea412a7b6c84762e92dd49498ecf8b
├── [4.2K] main.go
├── [2.1K] README.md
└── [ 12K] run.png

0 directories, 3 files
```