CVE-2024-6387 Vulnerability Checker

July 11, 2024

Overview

This Python script checks SSH servers for CVE-2024-6387, the recently discovered regreSSHion vulnerability, which is associated with specific versions of OpenSSH. The tool accepts multiple IP addresses, URLs, CIDR ranges, and ports, and can also read addresses from a file. Results are categorized and color-coded for readability.

Features

  • Customizable:
    Specify multiple IP addresses, URLs, CIDR ranges, and ports.
  • File Input Support:
    Read addresses and ranges from a file.
  • Color-Coded Output:
    Easily distinguish between vulnerable, safe, unknown, and error results.
  • Network Range Handling:
    Automatically expands CIDR ranges into individual IP addresses.

Output

  • SAFE:
    Non-vulnerable servers.
  • VULNERABLE:
    Servers running a vulnerable version of OpenSSH.
  • UNKNOWN:
    Servers with an unknown SSH version.
  • ERROR:
    Servers that could not be accessed or resolved.
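
As an added illustration (not code from the checker itself), the sketch below shows how banner-based classification into these four categories, together with the CIDR expansion listed under Features, can work. The affected ranges (OpenSSH before 4.4p1, and 8.5p1 up to but not including 9.8p1) come from the public advisory and are an assumption about the script's logic; the function names and sample banners are constructed.

```python
import ipaddress
import re
from collections import Counter

# Assumption (public advisory, not the checker's source): affected upstream
# releases are OpenSSH < 4.4p1 and 8.5p1 up to, but not including, 9.8p1.
BANNER_RE = re.compile(r"^SSH-\d+\.\d+-OpenSSH_(\d+)\.(\d+)")

def classify_banner(banner):
    """Map an SSH identification string to SAFE/VULNERABLE/UNKNOWN/ERROR."""
    if banner is None:
        return "ERROR"        # nothing received: unreachable or unresolved
    match = BANNER_RE.match(banner.strip())
    if not match:
        return "UNKNOWN"      # not OpenSSH, or the version is hidden
    version = (int(match.group(1)), int(match.group(2)))
    if version < (4, 4) or (8, 5) <= version < (9, 8):
        return "VULNERABLE"   # upstream version only; backports not visible
    return "SAFE"

def expand_targets(targets):
    """Expand CIDR ranges to host addresses; pass hostnames through."""
    hosts = []
    for target in targets:
        try:
            net = ipaddress.ip_network(target, strict=False)
        except ValueError:
            hosts.append(target)  # hostname: left for DNS resolution
            continue
        if net.num_addresses == 1:
            hosts.append(str(net.network_address))
        else:
            hosts.extend(str(h) for h in net.hosts())
    return hosts

# Constructed sample data: banners as a scan of these targets might return.
SAMPLE_BANNERS = {
    "192.0.2.9": "SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13",
    "192.0.2.10": "SSH-2.0-OpenSSH_9.8",
    "198.51.100.7": "SSH-2.0-dropbear_2022.83",
    "ssh.example.test": None,
}

def scan_sample(targets):
    """Classify every expanded target using the constructed banners."""
    return {h: classify_banner(SAMPLE_BANNERS.get(h)) for h in expand_targets(targets)}

if __name__ == "__main__":
    results = scan_sample(["192.0.2.8/30", "198.51.100.7", "ssh.example.test"])
    for host, status in results.items():
        print(f"{status:<10} {host}")
    print(dict(Counter(results.values())))
```

Distribution packages that backport the fix keep the upstream version in the banner, so a VULNERABLE result from a banner check should be confirmed against the installed package version.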

Command Line

To run the script with multiple IPs, URLs, or CIDR ranges directly from the command line:

python3 CVE-2024-6387-Vulnerability-Checker.py <addresses> -p <ports> -t <timeout> 
  • addresses
    IP addresses, URLs, or CIDR ranges to check (space-separated).
  • -p, --ports
    Comma-separated list of port numbers for SSH (default: 22).
  • -t,....












1 Comment
Filipi Pires
20 hours ago

For those of you that don't know where to get the checker, you can clone it here.
https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker/

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023