关联漏洞
标题:
OpenSSH 安全漏洞
(CVE-2024-6387)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞,该漏洞源于信号处理程序中存在竞争条件,攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。
描述
Welcome to the CVE-2024-6387 OpenSSH Vulnerability Checker repository! This project offers multiple scripts to check the installed version of OpenSSH on your system and determine if it is vulnerable to CVE-2024-6387. It supports various environments, including Ubuntu, Mac, and Windows.
介绍
# CVE-2024-6387-OpenSSH-Vulnerability-Checker
This repository contains a Bash script to check the OpenSSH version on Ubuntu systems and determine if it's vulnerable to known security issues.
<img width="1092" alt="image" src="https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker/assets/11604783/038d04e2-8e16-4aea-8739-41a136c238f0">
## Features ##
- Checks the installed OpenSSH version on the system.
- Determines if the version is vulnerable to known security issues.
- Provides vulnerability status based on version number.
## Usage ##
There are two ways to run the script:
### Method 1: Download and Execute
- Download the script.
- Give the script execution permissions:
```bash
chmod +x CVE-2024-6387-OpenSSH-Vulnerability-Checker.sh
```
- Run the script:
```bash
./CVE-2024-6387-OpenSSH-Vulnerability-Checker.sh
```
### Method 2: Execute Directly Using curl ###
You can directly download and execute the script using the following command:
```bash
curl https://raw.githubusercontent.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker/main/CVE-2024-6387-OpenSSH-Vulnerability-Checker.sh | bash -
```
Note: Always review the script content before executing it.
### Method 3: Execute Python Script Directly ###
To directly download and execute the Python script, use the following command:
```bash
curl https://raw.githubusercontent.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker/main/CVE-2024-6387-OpenSSH-Vulnerability-Checker.py | python3 -
```
Note: Always review the script content before executing it.
### Method 4: Execute Go Script Directly ###
To directly download and execute the Go script, use the following command:
```bash
curl https://raw.githubusercontent.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker/main/CVE-2024-6387-OpenSSH-Vulnerability-Checker.go -o CVE-2024-6387-OpenSSH-Vulnerability-Checker.go
go run CVE-2024-6387-OpenSSH-Vulnerability-Checker.go
```
Note: Always review the script content before executing it.
### Method 5: Build and Execute Go Script ###
- Make sure you have Go installed on your system.
- Download the Go script:
```bash
git clone https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker
```
- Build the script for your platform using build_go.sh:
```bash
bash ./build_go.sh
```
- Execute the built file:
```bash
./build/CVE-2024-6387-OpenSSH-Vulnerability-Checker-<your-platform>
```
## Notes ##
This script has been tested on Ubuntu and Mac systems. The script results are for reference only.
For a thorough security assessment, consult with a security expert.
If a vulnerable version is detected, consult with your system administrator to apply appropriate updates or patches.
## Contributing ##
Bug reports, feature suggestions, and pull requests are welcome. Please submit your ideas through issues.
文件快照
[4.0K] /data/pocs/0b842b570a08b371ee0f02421526d83dece3a248
├── [1.2K] build_go.sh
├── [2.2K] CVE-2024-6387-OpenSSH-Vulnerability-Checker.dart
├── [2.6K] CVE-2024-6387-OpenSSH-Vulnerability-Checker.go
├── [2.0K] CVE-2024-6387-OpenSSH-Vulnerability-Checker.py
├── [2.0K] CVE-2024-6387-OpenSSH-Vulnerability-Checker.sh
├── [ 34K] LICENSE
└── [2.8K] README.md
0 directories, 7 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。