[go: up one dir, main page]

Skip to content

This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.

License

Notifications You must be signed in to change notification settings

Amr-Hamza/CVE-2024-6387-Vulnerability-Checker

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2024-6387 Vulnerability Checker

Overview

This Python script is designed to check SSH servers for the CVE-2024-6387 vulnerability, specifically targeting the recently discovered regreSSHion, which is associated with specific versions of OpenSSH. The tool supports multiple IP addresses, URLs, CIDR ranges, and ports, and can also read addresses from a file. The results are displayed in a categorized and color-coded manner for better readability.

regreSSHion

Features

  • Customizable: Specify multiple IP addresses, URLs, CIDR ranges, and ports.
  • File Input Support: Read addresses and ranges from a file.
  • Color-Coded Output: Easily distinguish between vulnerable, safe, unknown, and error results.
  • Network Range Handling: Automatically expands CIDR ranges into individual IP addresses.

Output

  • SAFE: Non-vulnerable servers.
  • VULNERABLE: Servers running a vulnerable version of OpenSSH.
  • UNKNOWN: Servers with an unknown SSH version.
  • ERROR: Servers that could not be accessed or resolved.

Usage

Command Line

To run the script with multiple IPs, URLs, or CIDR ranges directly from the command line:

python3 CVE-2024-6387-Vulnerability-Checker.py <addresses> -p <ports> -t <timeout> 
  • addresses: IP addresses, URLs, or CIDR ranges to check (space-separated).

  • -p, --ports: Comma-separated list of port numbers for SSH (default: 22).

  • -t, --timeout: Connection timeout in seconds (default: 5.0).

image

From a File

To run the script with addresses specified in a file:

python3 CVE-2024-6387-Vulnerability-Checker.py -f <filename> -p <ports> -t <timeout>
  • filename: File containing a list of IP addresses or CIDR ranges.
image

Example Usage

To check multiple IPs, URLs, or CIDR ranges directly from the command line:

python3 CVE-2024-6387-Vulnerability-Checker.py 192.168.1.1 192.168.1.2 192.168.1.0/24 example.com -p 22,2222 -t 5.0
  • To check addresses from a file:
python3 CVE-2024-6387-Vulnerability-Checker.py -f addresses.txt -p 22,2222 -t 5.0

Example addresses.txt file:

192.168.1.1
example.com
192.168.1.0/24

Contributing

Contributions are welcome! Please follow these steps to contribute:

1. Fork the Repository: Click the "Fork" button at the top right of this page.

2. Clone Your Fork: Clone your forked repository to your local machine:

git clone https://github.com/YOUR_USERNAME/CVE-2024-6387-Vulnerability-Checker.git
cd CVE-2024-6387-Vulnerability-Checker

3. Create a Branch: Create a new branch for your feature or bugfix.

git checkout -b my-feature-branch

4. Make Changes: Make your changes to the code.

5. Commit Your Changes: Commit your changes with a descriptive commit message.

git add .
git commit -m "Description of the changes"

6. Push Your Branch: Push your branch to your forked repository.

git push origin my-feature-branch

7. Create a Pull Request: Go to the original repository on GitHub, and click "New Pull Request". Select your branch from the compare dropdown, and submit your pull request.


Launch

[July 09th-2024]

  • First Version - Launch

References

Qualys's Blog - regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

About

This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%