## https://sploitus.com/exploit?id=535C5505-40BC-5D18-B346-1FDF036F0B08
# OpenSSH Vulnerability Checker
## Overview
This script scans a list of target IP addresses or ranges to determine if they are running vulnerable To CVE-2024-6387.
## Features
- Scans IP addresses, domain names, file paths containing IP addresses, or CIDR network ranges.
- Checks a specified port (default: 22) for OpenSSH service.
- Handles multiple targets concurrently using threading for efficient scanning.
- Reports non-vulnerable, vulnerable, and closed ports.
- Supports exclusion of specific OpenSSH versions known to be patched or not vulnerable.
## Requirements
- Python 3.x
- `argparse` module for command-line argument parsing.
- `ipaddress` module for handling IP addresses and CIDR notation.
## Usage
### Command Line Options
```bash
usage: openssh_checker.py [-h] [--port PORT] [-t TIMEOUT] [-l LIST] targets [targets ...]
Check if servers are running a vulnerable version of OpenSSH.
positional arguments:
targets IP addresses, domain names, file paths containing IP addresses, or CIDR network ranges.
optional arguments:
-h, --help show this help message and exit
--port PORT Port number to check (default: 22).
-t TIMEOUT, --timeout TIMEOUT
Connection timeout in seconds (default: 1 second).
-l LIST, --list LIST File containing a list of IP addresses to check.
```
### Examples
1. Check a single IP address:
```bash
python3 openssh_checker.py 192.168.1.1
```
2. Check multiple IP addresses from a file:
```bash
python3 openssh_checker.py -l ip_list.txt
```
3. Check a CIDR range:
```bash
python3 openssh_checker.py 192.168.1.0/24
```
## Output
The script outputs detailed information about each target:
- Servers not vulnerable to OpenSSH exploits.
- Servers likely vulnerable to OpenSSH exploits.
- Servers with closed SSH ports.
- Total number of targets scanned.
## Notes
- Ensure that you have appropriate permissions to scan the target hosts.
- Use responsibly and only on systems you are authorized to test.