# CVE-2024-6387 Vulnerability Checker

### Overview
This Python script is designed to check SSH servers for the CVE-2024-6387 vulnerability, specifically targeting the recently discovered **regreSSHion**, which is associated with specific versions of OpenSSH. The tool supports multiple IP addresses, URLs, CIDR ranges, and ports, and can also read addresses from a file. The results are displayed in a categorized and color-coded manner for better readability.


### Features
- **Customizable**: Specify multiple IP addresses, URLs, CIDR ranges, and ports.
- **File Input Support**: Read addresses and ranges from a file.
- **Color-Coded Output**: Easily distinguish between vulnerable, safe, unknown, and error results.
- **Network Range Handling**: Automatically expands CIDR ranges into individual IP addresses.

### Output

* SAFE: Non-vulnerable servers.
* VULNERABLE: Servers running a vulnerable version of OpenSSH.
* UNKNOWN: Servers with an unknown SSH version.
* ERROR: Servers that could not be accessed or resolved.


### Usage
### Command Line 

To run the script with multiple IPs, URLs, or CIDR ranges directly from the command line:
python3 <addresses> -p <ports> -t <timeout> 
* addresses: IP addresses, URLs, or CIDR ranges to check (space-separated).

* -p, --ports: Comma-separated list of port numbers for SSH (default: 22).

* -t, --timeout: Connection timeout in seconds (default: 5.0).

<img width="732" alt="image" src="">

### From a File

To run the script with addresses specified in a file:
python3 -f <filename> -p <ports> -t <timeout>
* filename: File containing a list of IP addresses or CIDR ranges.

<img width="870" alt="image" src="">

### Example Usage

To check multiple IPs, URLs, or CIDR ranges directly from the command line:

python3 -p 22,2222 -t 5.0

* To check addresses from a file:
python3 -f addresses.txt -p 22,2222 -t 5.0

Example addresses.txt file:

## Contributing

### Contributions are welcome! Please follow these steps to contribute:

**1. Fork the Repository:** Click the **"Fork"** button at the top right of this page.

**2. Clone Your Fork:** Clone your forked repository to your local machine:
git clone
cd CVE-2024-6387-Vulnerability-Checker
**3. Create a Branch:** Create a new branch for your feature or bugfix.
git checkout -b my-feature-branch

**4. Make Changes:** Make your changes to the code.

**5. Commit Your Changes:** Commit your changes with a descriptive commit message.
git add .
git commit -m "Description of the changes"

**6. Push Your Branch:** Push your branch to your forked repository.

git push origin my-feature-branch

**7. Create a Pull Request:** Go to the original repository on GitHub, and click **"New Pull Request"**. 
Select your branch from the compare dropdown, and submit your pull request.


### Launch

[July 09th-2024]

-  First Version - Launch 
### References
[Qualys's Blog - regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server](