Share
## https://sploitus.com/exploit?id=EFD615F0-8F17-5471-AA83-0F491FD497AF
# CVE-2024-6387 Vulnerability Checker

### Overview
This Python script is designed to check SSH servers for the CVE-2024-6387 vulnerability, specifically targeting the recently discovered **regreSSHion**, which is associated with specific versions of OpenSSH. The tool supports multiple IP addresses, URLs, CIDR ranges, and ports, and can also read addresses from a file. The results are displayed in a categorized and color-coded manner for better readability.

![regreSSHion](https://ik.imagekit.io/qualys/wp-content/uploads/2024/06/Q-regreSSHion-1200x628-1-1070x560.jpg)

Created by **[Filipi Pires - Senior Threat Researcher & Cybersecurity Advocate](https://github.com/filipi86)**

### Features
- **Customizable**: Specify multiple IP addresses, URLs, CIDR ranges, and ports.
- **File Input Support**: Read addresses and ranges from a file.
- **Color-Coded Output**: Easily distinguish between vulnerable, safe, unknown, and error results.
- **Network Range Handling**: Automatically expands CIDR ranges into individual IP addresses.

### Output

* SAFE: Non-vulnerable servers.
* VULNERABLE: Servers running a vulnerable version of OpenSSH.
* UNKNOWN: Servers with an unknown SSH version.
* ERROR: Servers that could not be accessed or resolved.

---

### Usage
### Command Line 

To run the script with multiple IPs, URLs, or CIDR ranges directly from the command line:
```
python3 CVE-2024-6387-Vulnerability-Checker.py <addresses> -p <ports> -t <timeout> 
```
* addresses: IP addresses, URLs, or CIDR ranges to check (space-separated).

* -p, --ports: Comma-separated list of port numbers for SSH (default: 22).

* -t, --timeout: Connection timeout in seconds (default: 5.0).

<img width="732" alt="image" src="https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker/assets/31785433/ed30e62a-3fff-4c40-8751-9a1bdd18adc1">

### From a File

To run the script with addresses specified in a file:
```
python3 CVE-2024-6387-Vulnerability-Checker.py -f <filename> -p <ports> -t <timeout>
```
* filename: File containing a list of IP addresses or CIDR ranges.

<img width="870" alt="image" src="https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker/assets/31785433/14eb7210-eb02-4d7e-bf36-f05fa3b08759">

### Example Usage

To check multiple IPs, URLs, or CIDR ranges directly from the command line:

```
python3 CVE-2024-6387-Vulnerability-Checker.py 192.168.1.1 192.168.1.2 192.168.1.0/24 example.com -p 22,2222 -t 5.0
```

* To check addresses from a file:
```
python3 CVE-2024-6387-Vulnerability-Checker.py -f addresses.txt -p 22,2222 -t 5.0
```

Example addresses.txt file:
```
192.168.1.1
example.com
192.168.1.0/24
```
---

## Contributing

### Contributions are welcome! Please follow these steps to contribute:

**1. Fork the Repository:** Click the **"Fork"** button at the top right of this page.

**2. Clone Your Fork:** Clone your forked repository to your local machine:
```
git clone https://github.com/YOUR_USERNAME/CVE-2024-6387-Vulnerability-Checker.git
cd CVE-2024-6387-Vulnerability-Checker
```
**3. Create a Branch:** Create a new branch for your feature or bugfix.
```
git checkout -b my-feature-branch
```

**4. Make Changes:** Make your changes to the code.

**5. Commit Your Changes:** Commit your changes with a descriptive commit message.
```
git add .
git commit -m "Description of the changes"
```

**6. Push Your Branch:** Push your branch to your forked repository.

```
git push origin my-feature-branch
```

**7. Create a Pull Request:** Go to the original repository on GitHub, and click **"New Pull Request"**. 
Select your branch from the compare dropdown, and submit your pull request.

---

### Launch

[July 09th-2024]
-  First Version - Launch

[August 28th-2024]
-  Repository Updated
---
### References
[Qualys's Blog - regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server](https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server)