关联漏洞
标题:
OpenSSH 安全漏洞
(CVE-2024-6387)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞,该漏洞源于信号处理程序中存在竞争条件,攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。
描述
Provides instructions for using the script to check if your OpenSSH installation is vulnerable to CVE-2024-6387
介绍
# CVE-2024-6387 Checker
This README provides instructions for using the script to check if your OpenSSH installation is vulnerable to CVE-2024-6387. The script inspects the installed `sshd` binaries on your system, determines their versions, and checks for vulnerability status based on the detected version.
## Requirements
- Unix-like operating system (Linux, macOS, etc.)
- `awk`, `grep`, `sed`, `strings`, and `cut` utilities available in your shell environment
## Script Overview
The script performs the following steps:
1. Identifies all instances of `sshd` using the `type -a sshd` command.
2. Extracts the version string from each `sshd` binary.
3. Parses the version string to determine the major and minor version numbers.
4. Checks the parsed version against known vulnerable and non-vulnerable versions of OpenSSH.
5. Outputs the version and vulnerability status for each `sshd` binary.
## Usage
1. Copy the script into a file, e.g., `check_cve_2024_6387.sh`.
2. Give the script execute permissions:
```sh
chmod +x check_cve_2024_6387.sh
```
3. Run the script:
```sh
./check_cve_2024_6387.sh
```
```sh
#!/bin/bash
for each_entry in $(type -a sshd | awk '{print $NF}' | uniq); do
version_string=$(strings "$each_entry" | grep -o "OpenSSH_[0-9]\+\.[0-9]\+p[0-9]\+" | uniq)
if [ -n "$version_string" ]; then
version=$(echo "$version_string" | sed -E 's/OpenSSH_([0-9]+\.[0-9]+)p[0-9]+/\1/')
major_version=$(echo $version | cut -d '.' -f 1)
minor_version=$(echo $version | cut -d '.' -f 2)
if [ "$major_version" -lt 4 ] || ([ "$major_version" -eq 4 ] && [ "$minor_version" -lt 4 ]); then
status="YES (Unless patched for CVE-2006-5051 and CVE-2008-4109)"
elif ([ "$major_version" -eq 4 ] && [ "$minor_version" -ge 4 ]) || ([ "$major_version" -ge 5 ] && [ "$major_version" -lt 8 ]) || ([ "$major_version" -eq 8 ] && [ "$minor_version" -lt 5 ]); then
status="NO"
elif ([ "$major_version" -eq 8 ] && [ "$minor_version" -ge 5 ]) || ([ "$major_version" -eq 9 ] && [ "$minor_version" -le 7 ]); then
status="YES"
else
status="Unknown"
fi
echo "Found OpenSSH version: $version in $each_entry"
echo "Vulnerability Status: $status"
if [ "$status" == "YES" ]; then
echo "Patch Immediately to OpenSSH 9.8/9.8p1"
fi
else
echo "No match found for $each_entry"
fi
done
文件快照
[4.0K] /data/pocs/892ee5604a41abce3258fef7bfa79f7c60fcd5d7
├── [1.2K] checker.sh
├── [ 21K] cve-2024-6387-poc.zip
└── [2.3K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。