关联漏洞
标题:
OpenSSH 安全漏洞
(CVE-2024-6387)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞,该漏洞源于信号处理程序中存在竞争条件,攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。
描述
regreSSHion vulnerability in OpenSSH CVE-2024-6387 Testing Script
介绍
# OpenSSH CVE-2024-6387 Mitigation Script
This repository contains a Python script designed to help network administrators scan and secure SSH configurations against the CVE-2024-6387 vulnerability found in OpenSSH's signal handling mechanism.
This vulnerability, if exploited, can allow unauthorized access or denial of service attacks due to race conditions during authentication timeouts.
## Background
CVE-2024-6387 targets a race condition issue in OpenSSH where failure to authenticate within the `LoginGraceTime` can lead to potential security vulnerabilities.
This script helps in identifying and mitigating such risks by adjusting server configurations and ensuring systems are updated and secure.
## Features
- **SSH Configuration Scanning**: Automatically scans the SSH configurations of network hosts.
- **LoginGraceTime Adjustment**: Suggests or makes adjustments to the `LoginGraceTime` parameter to secure SSH servers.
- **Reporting**: Generates a detailed report of the current SSH configurations and any changes applied.
## Prerequisites
Before running this script, ensure you have the following:
- Python 3.6 or higher
- Paramiko library installed (`pip install paramiko`)
## Installation
Clone this repository to your local machine:
git clone https://github.com/grupooruss/CVE-2024-6387-Tester.git
cd CVE-2024-6387-Tester
To run the script, execute the following command in your terminal: CVE-2024-6387.py
Make sure to modify the script with appropriate credentials and IP addresses of the servers you intend to scan.
## License
This project is licensed under the MIT License - see the LICENSE.md file for details.
Contact
For any inquiries or contributions, please contact www.grupooruss.com or open an issue in this repository.
## Acknowledgments
Thanks to all contributors who have helped in identifying and mitigating this vulnerability:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
Special thanks to cybersecurity researchers and network administrators dedicated to improving network security.
文件快照
[4.0K] /data/pocs/8b3c9a64cb8d065623d0344fbf8c6d6f16de0364
├── [ 922] CVE-2024-6387.py
├── [ 34K] LICENSE
└── [2.1K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。