This Python script is designed to check SSH servers for the CVE-2024-6387 vulnerability, specifically targeting the recently discovered regreSSHion, which is associated with specific versions of OpenSSH. The tool supports multiple IP addresses, URLs, CIDR ranges, and ports, and can also read addresses from a file. The results are displayed in a categorized and color-coded manner for better readability.
Created by Filipi Pires - Senior Threat Researcher & Cybersecurity Advocate
- Customizable: Specify multiple IP addresses, URLs, CIDR ranges, and ports.
- File Input Support: Read addresses and ranges from a file.
- Color-Coded Output: Easily distinguish between vulnerable, safe, unknown, and error results.
- Network Range Handling: Automatically expands CIDR ranges into individual IP addresses.
- SAFE: Non-vulnerable servers.
- VULNERABLE: Servers running a vulnerable version of OpenSSH.
- UNKNOWN: Servers with an unknown SSH version.
- ERROR: Servers that could not be accessed or resolved.
To run the script with multiple IPs, URLs, or CIDR ranges directly from the command line:
python3 CVE-2024-6387-Vulnerability-Checker.py <addresses> -p <ports> -t <timeout>
-
addresses: IP addresses, URLs, or CIDR ranges to check (space-separated).
-
-p, --ports: Comma-separated list of port numbers for SSH (default: 22).
-
-t, --timeout: Connection timeout in seconds (default: 5.0).
To run the script with addresses specified in a file:
python3 CVE-2024-6387-Vulnerability-Checker.py -f <filename> -p <ports> -t <timeout>
- filename: File containing a list of IP addresses or CIDR ranges.
To check multiple IPs, URLs, or CIDR ranges directly from the command line:
python3 CVE-2024-6387-Vulnerability-Checker.py 192.168.1.1 192.168.1.2 192.168.1.0/24 example.com -p 22,2222 -t 5.0
- To check addresses from a file:
python3 CVE-2024-6387-Vulnerability-Checker.py -f addresses.txt -p 22,2222 -t 5.0
Example addresses.txt file:
192.168.1.1
example.com
192.168.1.0/24
1. Fork the Repository: Click the "Fork" button at the top right of this page.
2. Clone Your Fork: Clone your forked repository to your local machine:
git clone https://github.com/YOUR_USERNAME/CVE-2024-6387-Vulnerability-Checker.git
cd CVE-2024-6387-Vulnerability-Checker
3. Create a Branch: Create a new branch for your feature or bugfix.
git checkout -b my-feature-branch
4. Make Changes: Make your changes to the code.
5. Commit Your Changes: Commit your changes with a descriptive commit message.
git add .
git commit -m "Description of the changes"
6. Push Your Branch: Push your branch to your forked repository.
git push origin my-feature-branch
7. Create a Pull Request: Go to the original repository on GitHub, and click "New Pull Request". Select your branch from the compare dropdown, and submit your pull request.
[July 09th-2024]
- First Version - Launch
[August 28th-2024]
- Repository Updated
Qualys's Blog - regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server