## https://sploitus.com/exploit?id=54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C
# OpenSSH Vulnerability Scanner for CVE-2023-48795
This Python-based tool scans systems for OpenSSH installations and checks if they are vulnerable to **CVE-2023-48795**, a critical vulnerability that affects versions earlier than **OpenSSH 9.6**. The script provides a detailed report of the scanned systems, including recommendations for upgrading if vulnerabilities are found.
---
## CVE-2023-48795: Vulnerability Overview
- **CVE ID**: CVE-2023-48795
- **Description**: A vulnerability in OpenSSH before version 9.6 could allow remote attackers to bypass security mechanisms or execute unauthorized actions.
- **Solution**: Upgrade to **OpenSSH version 9.6 or later**.
---
## Features
- Detects and checks OpenSSH and SSHD versions on specified IPs.
- Supports both single IP scans and bulk scans from a file.
- Multi-threaded for efficient scanning of multiple hosts.
- Automatically downloads and installs missing `which`, `ssh`, or `sshd` binaries.
- Saves results in a randomly named JSON file for easy reference.
- Color-coded and bold output for clear vulnerability status reporting.
---
## Requirements
- Python 3.x
- Internet access (for downloading dependencies and OpenSSH binaries if necessary)
- `pip` (for dependency management)
### Dependencies
- **colorama**: Provides colorful terminal output.
- **termcolor**: Adds color formatting for text.
These dependencies are automatically installed when running the script.
---
## Installation
Clone the repository:
```bash
git clone https://github.com/TrixSec/CVE-2023-48795.git
cd CVE-2023-48795
```
---
## Usage
Run the script with the following options:
### Scan a Single IP
```bash
python CVE-2023-48795.py --ip <IP_ADDRESS>
```
Example:
```bash
python CVE-2023-48795.py --ip 192.168.1.10
```
### Scan Multiple IPs from a File
```bash
python CVE-2023-48795.py --ip <PATH_TO_FILE>
```
Example:
```bash
python CVE-2023-48795.py --ip ips.txt
```
You will be prompted to enter the number of threads for scanning.
---
## Output
Results are saved in the `output` directory with a randomly generated file name (e.g., `123456.json`).
The file contains information about each scanned IP and its vulnerability status.
Example result:
```json
[
{
"ip": "192.168.1.10",
"ssh_version": 9.5,
"sshd_version": 9.5,
"status": "Vulnerable"
},
{
"ip": "192.168.1.15",
"ssh_version": 9.6,
"sshd_version": 9.6,
"status": "Safe"
}
]
```
---
## Disclaimer
Use this tool responsibly and only on systems you own or have permission to test. Unauthorized scanning of external systems may violate laws and policies.
**Repository Views** 