Share
## https://sploitus.com/exploit?id=54E1BB01-2C69-5AFD-A23D-9783C9D9FC4C
# OpenSSH Vulnerability Scanner for CVE-2023-48795

This Python-based tool scans systems for OpenSSH installations and checks if they are vulnerable to **CVE-2023-48795**, a critical vulnerability that affects versions earlier than **OpenSSH 9.6**. The script provides a detailed report of the scanned systems, including recommendations for upgrading if vulnerabilities are found.

---

## CVE-2023-48795: Vulnerability Overview

- **CVE ID**: CVE-2023-48795
- **Description**: A vulnerability in OpenSSH before version 9.6 could allow remote attackers to bypass security mechanisms or execute unauthorized actions.  
- **Solution**: Upgrade to **OpenSSH version 9.6 or later**.

---

## Features

- Detects and checks OpenSSH and SSHD versions on specified IPs.
- Supports both single IP scans and bulk scans from a file.
- Multi-threaded for efficient scanning of multiple hosts.
- Automatically downloads and installs missing `which`, `ssh`, or `sshd` binaries.
- Saves results in a randomly named JSON file for easy reference.
- Color-coded and bold output for clear vulnerability status reporting.

---

## Requirements

- Python 3.x
- Internet access (for downloading dependencies and OpenSSH binaries if necessary)
- `pip` (for dependency management)

### Dependencies

- **colorama**: Provides colorful terminal output.
- **termcolor**: Adds color formatting for text.

These dependencies are automatically installed when running the script.

---

## Installation

Clone the repository:

```bash
git clone https://github.com/TrixSec/CVE-2023-48795.git
cd CVE-2023-48795
```

---

## Usage

Run the script with the following options:

### Scan a Single IP

```bash
python CVE-2023-48795.py --ip <IP_ADDRESS>
```

Example:
```bash
python CVE-2023-48795.py --ip 192.168.1.10
```

### Scan Multiple IPs from a File

```bash
python CVE-2023-48795.py --ip <PATH_TO_FILE>
```

Example:
```bash
python CVE-2023-48795.py --ip ips.txt
```

You will be prompted to enter the number of threads for scanning.

---

## Output

Results are saved in the `output` directory with a randomly generated file name (e.g., `123456.json`).  
The file contains information about each scanned IP and its vulnerability status.

Example result:

```json
[
    {
        "ip": "192.168.1.10",
        "ssh_version": 9.5,
        "sshd_version": 9.5,
        "status": "Vulnerable"
    },
    {
        "ip": "192.168.1.15",
        "ssh_version": 9.6,
        "sshd_version": 9.6,
        "status": "Safe"
    }
]
```

---

## Disclaimer

Use this tool responsibly and only on systems you own or have permission to test. Unauthorized scanning of external systems may violate laws and policies.


**Repository Views** ![Views](https://profile-counter.glitch.me/CVE-2023-48795/count.svg)