Share
## https://sploitus.com/exploit?id=0E9294FD-6B44-503A-84C2-C6E76E53B0B7
# CVE-2024-6387fixshell

只影响8.5p1 <= OpenSSH < 9.8p1

#### 安装编译依赖

```
sudo apt-get update
sudo apt-get install -y build-essential zlib1g-dev libssl-dev
```

#### 下载指定版本源码

```
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz
```

#### 解压并进入目录

```
tar -xzf openssh-9.8p1.tar.gz
cd openssh-9.8p1
```

#### 编译和安装

```
./configure
make
sudo make install
```

#### 启动并检查安装

```
sudo systemctl restart ssh
ssh -V
```

完整修复脚本保存为fix.sh chmod 777 fix.sh | ./fix.sh

```
#!/bin/bash

# 更新包列表
echo "更新包列表..."
sudo apt-get update

# 安装编译依赖
echo "安装编译依赖..."
sudo apt-get install -y build-essential zlib1g-dev libssl-dev

# 下载指定版本源码
echo "下载OpenSSH 9.8p1源码..."
wget https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz

# 解压并进入目录
echo "解压OpenSSH 9.8p1源码..."
tar -xzf openssh-9.8p1.tar.gz
cd openssh-9.8p1

# 编译和安装
echo "编译和安装OpenSSH 9.8p1..."
./configure
make
sudo make install

# 启动并检查安装
echo "重启SSH服务并检查安装..."
sudo systemctl restart ssh
ssh -V

echo "OpenSSH 9.8p1 安装完成并成功启动。-By muyuanhuck.cn"
```