POC详情: f1efb13e296a7d2b13b830fd15a8ba9fb25fca69

来源
https://github.com/wiggels/regresshion-check
关联漏洞
标题: OpenSSH 安全漏洞 (CVE-2024-6387)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞,该漏洞源于信号处理程序中存在竞争条件,攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。
描述
CLI Tool to Check SSH Servers for Vulnerability to CVE-2024-6387
介绍
# regresshion-check

`regresshion-check` is a Rust CLI tool to check SSH servers for vulnerability to CVE-2024-6387. It takes in a single IP or multiple IPs/CIDRs separated by newlines in a file. It includes the reverse DNS lookup and version string with any IPs detected as vulnerable.

(IPs listed in readme are examples only -- do not use)

## Prerequisites

- Rust and Cargo installed. You can install Rust and Cargo using [rustup](https://rustup.rs/).

## Building the Application

1. Clone the repository:
    ```sh
    git clone git@github.com:wiggels/regresshion-check.git
    cd regresshion-check
    ```

2. Build the application:
    ```sh
    cargo build --release
    ```

## Usage

### Scan a Single IP Address

To scan a single IP address, use the `--individual` option followed by the IP address:

```sh
regresshion-check --individual <ip-address>
```

Example usage:
```sh
regresshion-check --individual 215.227.162.32
```

### Scan Multiple IP Addresses from a File

To scan multiple IP addresses listed in a file, use the `--file` option followed by the input file:

Example file contents:
```
215.227.64.0/24
215.227.162.32
```

Example usage:
```sh
regresshion-check --file /path/to/file/here.txt
```

### Scanning Batch Size

The scanning job batches based on the current ulimit size minus a buffer of 64. If you would like this application to run faster when doing larger CIDRs/lists, raise the ulimit. Example: `ulimit -n 8192`

### Example Output
```
{
  "unknown": 226,
  "patched": 29,
  "vulnerable": 2,
  "vulnerable_ips": [
    {
      "ip": "215.227.162.32",
      "hostname": "some.server.somewhere.com",
      "version": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7"
    },
    {
      "ip": "215.227.64.156",
      "hostname": "another.server.somewhere.com",
      "version": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7"
    }
  ]
}
```
文件快照

 [4.0K]  /data/pocs/f1efb13e296a7d2b13b830fd15a8ba9fb25fca69
├── [ 14K]  Cargo.lock
├── [ 288]  Cargo.toml
├── [1.0K]  LICENSE
├── [1.8K]  README.md
└── [4.0K]  src
    └── [8.4K]  main.rs

1 directory, 5 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。