CVE-2024-6387-Check is a streamlined and efficient tool created to detect servers operating on vulnerable versions of OpenSSH.# CVE-2024-6387-Checker
## Description
CVE-2024-6387-Checker is a tool designed to identify servers running vulnerable versions of OpenSSH, specifically targeting the recently discovered regreSSHion vulnerability (CVE-2024-6387). This script facilitates rapid scanning of multiple IP addresses, domain names, and CIDR network ranges to detect potential vulnerabilities and ensure your infrastructure is secure.
## Features
- **Rapid Scanning**: Quickly scan multiple IP addresses, domain names, and CIDR ranges for the CVE-2024-6387 vulnerability.
- **Banner Retrieval**: Efficiently retrieves SSH banners without authentication.
- **Multi-threading**: Uses threading for concurrent checks, significantly reducing scan times.
- **Detailed Output**: Provides clear, emoji-coded output summarizing scan results.
- **Port Check**: Identifies closed ports and provides a summary of non-responsive hosts.
## Usage
```bash
python CVE-2024-6387.py <targets> [--port PORT]
```
### Examples
#### Single IP
```bash
python CVE-2024-6387.py 192.168.1.1
```
#### IPs from a list
```bash
python CVE-2024-6387.py -l ip_list.txt
```
#### Multiple IPs and Domains
```bash
python CVE-2024-6387.py 192.168.1.1 example.com 192.168.1.2
```
#### CIDR Range
```bash
python CVE-2024-6387.py 192.168.1.0/24
```
#### With Custom Port
```bash
python CVE-2024-6387.py 192.168.1.1 example.com --port 2222
```
## References
[Qualys Blog on regreSSHion Vulnerability](https://www.qualys.com/blog/2024/regresshion-vulnerability)
[Qualys TXT on regreSSHion Vulnerability](https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt)
[4.0K] /data/pocs/6677f14eac50f3e5830a289a734ecd63c9dddcbd
├── [7.2K] CVE-2024-6387_poc.py
├── [5.7K] CVE-2024-6387.py
└── [1.6K] README.md
0 directories, 3 files