## https://sploitus.com/exploit?id=33D623F7-98E0-5F75-80FA-81AA666D1340
# CVE-2024-6387-OpenSSH-Multi-Checker
The `CVE-2024-6387-checker.sh` script is a tool designed to check multiple targets (IPs or hostnames) at once for the CVE-2024-6387 vulnerability. This script performs a local OpenSSH version check, scans remote servers for SSH banners, and determines whether they are vulnerable to CVE-2024-6387. Inspection results are presented in an easy-to-read report.
## Main Features
- **Automatic Installation of nmap**: Ensures `nmap` is installed on the system before scanning.
- **Local OpenSSH Version Scan**: Checks whether the local OpenSSH version is vulnerable.
- **Multiple Target Scanning**: Enables scanning multiple targets at once.
- **Customizable Port Scanning**: Users can specify the ports to scan (default 22).
- **Detailed Report**: Presents a report showing which servers are vulnerable, not vulnerable, or have closed ports.
## How the Script Works
1. **Nmap Installation**: The script checks if `nmap` is installed and tries to install it if it is not found.
2. **Local OpenSSH Version Check**: Checks the OpenSSH version on the local machine and compares it to the list of vulnerable versions.
3. **Remote Server Scan**: Uses `nmap` to get the SSH banner of the target server and check its version.
4. **Vulnerability Identification**: Checks whether the OpenSSH version from the banner is included in the list of vulnerable versions or is excluded.
5. **Reporting**: Presents scan results in an easy-to-read format.
## Script Usage
To run the script, use the following command in the terminal:
```sh
./CVE-2024-6387-checker.sh [options] [target(s)]
```
## Options
- `-p, --port [PORT]`: Specifies the port to scan (default 22).
- `-h, --help`: Display help and exit messages.
## Target
The IP address or hostname of the server to be scanned.
## Usage Example
```sh
./CVE-2024-6387-checker.sh 192.168.1.1
./CVE-2024-6387-checker.sh -p 2222 192.168.1.1 192.168.1.2
./CVE-2024-6387-checker.sh --help
```
This script helps users check multiple servers for the CVE-2024-6387 vulnerability in an efficient and structured way.
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
## Acknowledgements
Special thanks to all the contributors and the open-source community for their valuable inputs and suggestions.
## Contact
For any inquiries or issues, please open an issue on this repository.
## Star on GitHub
If you find this project useful, please consider giving it a star on [GitHub](https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker).
## Disclaimer
This script is for educational purposes only. Use it at your own risk.