Share
## https://sploitus.com/exploit?id=CF80DDA9-42E7-5E06-8DA8-84C72658E191
# OpenSSH CVE-2024-6387 Vulnerability Checker

## Overview

This C program scans specified IP addresses or network ranges to check if the servers are running a potentially vulnerable version of OpenSSH. It checks if the SSH port (default is 22) is open, retrieves the SSH banner, and determines if the server is running a version known to have vulnerabilities.

## Compilation

To compile the program, use the following command:

```bash
gcc check_vuln.c -o check_vuln -lpthread
```

## Usage

### Basic Usage

To scan multiple IP addresses, pass them as arguments:

```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1
```

### Specifying a Custom Port

If you want to specify a different port, use the `--port` option:

```bash
./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1 --port 2222
```

### Using a File with IP Addresses

If you have a file with a list of IP addresses (one per line), you can pass the filename as an argument:

```bash
./check_vuln ip_list.txt
```

### Using CIDR Notation

You can also specify CIDR notation to scan an entire subnet:

```bash
./check_vuln 192.168.1.0/24
```

## Example Commands

1. **Scan multiple IP addresses on the default port (22)**:

   ```bash
   ./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1
   ```

2. **Scan multiple IP addresses on a custom port (e.g., 2222)**:

   ```bash
   ./check_vuln 192.168.1.1 192.168.1.2 10.0.0.1 --port 2222
   ```

3. **Scan IP addresses from a file**:

   ```bash
   ./check_vuln ip_list.txt
   ```

4. **Scan an entire subnet using CIDR notation**:

   ```bash
   ./check_vuln 192.168.1.0/24
   ```

## Output Interpretation

The program will print the results of the scan, including the number of servers that are not vulnerable, likely vulnerable, and those with port 22 closed. For example:

```plaintext
๐Ÿ›ก๏ธ Servers not vulnerable: 1
   [+] Server at 192.168.1.1

๐Ÿšจ Servers likely vulnerable: 1
   [+] Server at 192.168.1.2

๐Ÿ”’ Servers with port 22 closed: 1

๐Ÿ“Š Total scanned targets: 3
```

## License

This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

## Disclaimer

This tool is intended for educational and ethical testing purposes only. Unauthorized use of this tool to scan systems without permission is illegal and unethical.