关联漏洞
标题:
OpenSSH 安全漏洞
(CVE-2024-6387)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞,该漏洞源于信号处理程序中存在竞争条件,攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。
描述
OpenSSH CVE-2024-6387 Vulnerability Checker
介绍
# OpenSSH CVE-2024-6387 Vulnerability Checker
## Overview
This C program scans specified IP addresses or network ranges to check if the servers are running a potentially vulnerable version of OpenSSH. It checks if the SSH port (default is 22) is open, retrieves the SSH banner, and determines if the server is running a version known to have vulnerabilities.
## Compilation
To compile the program, use the following command:
```bash
gcc check_vuln.c -o check_vuln -lpthread
```
## Usage
### Basic Usage
To scan multiple IP addresses, pass them as arguments:
```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1
```
### Specifying a Custom Port
If you want to specify a different port, use the `--port` option:
```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1 --port 2222
```
### Using a File with IP Addresses
If you have a file with a list of IP addresses (one per line), you can pass the filename as an argument:
```bash
./check_vuln ip_list.txt
```
### Using CIDR Notation
You can also specify CIDR notation to scan an entire subnet:
```bash
./check_vuln 192.168.1.0/24
```
## Example Commands
1. **Scan multiple IP addresses on the default port (22)**:
```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1
```
2. **Scan multiple IP addresses on a custom port (e.g., 2222)**:
```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1 --port 2222
```
3. **Scan IP addresses from a file**:
```bash
./check_vuln ip_list.txt
```
4. **Scan an entire subnet using CIDR notation**:
```bash
./check_vuln 192.168.1.0/24
```
## Output Interpretation
The program will print the results of the scan, including the number of servers that are not vulnerable, likely vulnerable, and those with port 22 closed. For example:
```plaintext
🛡️ Servers not vulnerable: 1
[+] Server at 192.168.1.1
🚨 Servers likely vulnerable: 1
[+] Server at 192.168.1.2
🔒 Servers with port 22 closed: 1
📊 Total scanned targets: 3
```
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## Disclaimer
This tool is intended for educational and ethical testing purposes only. Unauthorized use of this tool to scan systems without permission is illegal and unethical.
文件快照
[4.0K] /data/pocs/c98ce11efb6a0894b5acf98f1d2f8e63c8cfe1f2
├── [4.6K] check_vuln.c
├── [1.1K] LICENSE
├── [1.1K] LICENSE.md
└── [2.2K] README.md
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。