Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Source
https://github.com/betancour/OpenSSH-Vulnerability-test
Associated Vulnerability
Title:Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description:A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Description
OpenSSH CVE-2024-6387 Vulnerability Checker
Readme
# OpenSSH CVE-2024-6387 Vulnerability Checker

## Overview

This C program scans specified IP addresses or network ranges to check if the servers are running a potentially vulnerable version of OpenSSH. It checks if the SSH port (default is 22) is open, retrieves the SSH banner, and determines if the server is running a version known to have vulnerabilities.

## Compilation

To compile the program, use the following command:

```bash
gcc check_vuln.c -o check_vuln -lpthread
```

## Usage

### Basic Usage

To scan multiple IP addresses, pass them as arguments:

```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1
```

### Specifying a Custom Port

If you want to specify a different port, use the `--port` option:

```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1 --port 2222
```

### Using a File with IP Addresses

If you have a file with a list of IP addresses (one per line), you can pass the filename as an argument:

```bash
./check_vuln ip_list.txt
```

### Using CIDR Notation

You can also specify CIDR notation to scan an entire subnet:

```bash
./check_vuln 192.168.1.0/24
```

## Example Commands

1. **Scan multiple IP addresses on the default port (22)**:

   ```bash
   ./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1
   ```

2. **Scan multiple IP addresses on a custom port (e.g., 2222)**:

   ```bash
   ./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1 --port 2222
   ```

3. **Scan IP addresses from a file**:

   ```bash
   ./check_vuln ip_list.txt
   ```

4. **Scan an entire subnet using CIDR notation**:

   ```bash
   ./check_vuln 192.168.1.0/24
   ```

## Output Interpretation

The program will print the results of the scan, including the number of servers that are not vulnerable, likely vulnerable, and those with port 22 closed. For example:

```plaintext
🛡️ Servers not vulnerable: 1
   [+] Server at 192.168.1.1

🚨 Servers likely vulnerable: 1
   [+] Server at 192.168.1.2

🔒 Servers with port 22 closed: 1

📊 Total scanned targets: 3
```

## License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

## Disclaimer

This tool is intended for educational and ethical testing purposes only. Unauthorized use of this tool to scan systems without permission is illegal and unethical.
File Snapshot

 [4.0K]  /data/pocs/c98ce11efb6a0894b5acf98f1d2f8e63c8cfe1f2
├── [4.6K]  check_vuln.c
├── [1.1K]  LICENSE
├── [1.1K]  LICENSE.md
└── [2.2K]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →