关联漏洞
标题:
OpenSSH 安全漏洞
(CVE-2024-6387)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞,该漏洞源于信号处理程序中存在竞争条件,攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。
描述
CVE-2024-6387 with auto ip scanner and auto expliot
介绍
# ssh_exploiter CVE-2024-6387 with auto ip scanner and auto expliot
# OpenSSH Vulnerability Checker & Exploiter
This Python script checks if servers are running vulnerable versions of OpenSSH and attempts exploitation if possible.
## Features
- **SSH Version Detection**: Retrieves SSH banner to determine the OpenSSH version.
- **Vulnerability Check**: Verifies if the detected version is vulnerable based on known vulnerable versions.
- **Exploitation Attempt**: Tries to exploit race condition vulnerability on vulnerable servers.
- **Multithreaded Scanning**: Utilizes threading for concurrent vulnerability checks on multiple targets.
## Requirements
- Python 3.x
- Required Python packages (install via `pip install -r requirements.txt`):
- `ipaddress`
## Usage
```bash
python3 ssh_exploit.py <targets> [--port PORT] [-t TIMEOUT] [-l IP_LIST_FILE]
```
- **targets**: IP addresses, domain names, file paths containing IP addresses, or CIDR network ranges to scan.
- `--port PORT`: Port number to check (default: 22).
- `-t TIMEOUT`: Connection timeout in seconds (default: 1 second).
- `-l IP_LIST_FILE`: File containing a list of IP addresses to check.
## Example
```bash
python3 ssh_exploit.py 192.168.1.1 10.0.0.0/24 --port 22 -t 1.5
```
## Output
Upon completion, the script outputs a summary of the scan:
- **Servers not vulnerable**: Lists servers that are not running vulnerable versions.
- **Servers likely vulnerable**: Lists servers that are potentially vulnerable based on detected OpenSSH version.
- **Servers with port closed**: Displays the number of servers where the specified port is closed.
- **Total scanned targets**: Shows the total number of targets scanned.
## Notes
- Ensure you have appropriate permissions before scanning servers.
- Use responsibly and only on systems you are authorized to test.
文件快照
[4.0K] /data/pocs/692201f04052b0e874e4e167ad726d087bba231a
├── [1.8K] README.md
└── [8.0K] ssh_exploiter_cve-2024-6387
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。