## https://sploitus.com/exploit?id=F58A5CB2-2174-586F-9CA9-4C47F8F38B5E
# OpenSSH CVE-2024-6387 Mitigation Script

This repository contains a Python script designed to help network administrators scan and secure SSH configurations against CVE-2024-6387, a vulnerability in OpenSSH's signal handling mechanism.
If exploited, this vulnerability can allow unauthorized access or denial-of-service attacks due to race conditions during authentication timeouts.

## Background

CVE-2024-6387 is a race condition in OpenSSH that is triggered when a client fails to authenticate within `LoginGraceTime`.
This script helps identify and mitigate that risk by adjusting server configurations and checking that systems are updated and secure.

## Features

- **SSH Configuration Scanning**: Automatically scans the SSH configurations of network hosts.
- **LoginGraceTime Adjustment**: Suggests or makes adjustments to the `LoginGraceTime` parameter to secure SSH servers.
- **Reporting**: Generates a detailed report of the current SSH configurations and any changes applied.
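
One way to implement the `LoginGraceTime` check described above, as an added example that is not this repository's code. It reads `sshd_config` text only, ignores `Include` files, and stops at the first `Match` block. The function names and sample input are hypothetical, and the `LoginGraceTime 0` advice in the messages is the widely published stopgap for this CVE, which this page does not itself spell out.

```python
import re

DEFAULT_GRACE_SECONDS = 120  # sshd's documented default when the keyword is absent
_UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def parse_time(value):
    """Convert an sshd_config time value (e.g. '90', '2m', '1h30m') to seconds."""
    parts = re.findall(r"(\d+)([smhdw]?)", value.lower())
    if not parts or "".join(n + u for n, u in parts) != value.lower():
        raise ValueError(f"invalid time value: {value!r}")
    return sum(int(n) * _UNITS[u] for n, u in parts)

def effective_login_grace_time(config_text):
    """Return the global LoginGraceTime in seconds; sshd uses the first value it reads."""
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = re.split(r"[\s=]+", line, maxsplit=1)
        keyword = fields[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            break  # assumption: only the global section is examined
        if keyword == "logingracetime" and len(fields) == 2:
            return parse_time(fields[1].strip().strip('"'))
    return DEFAULT_GRACE_SECONDS

def assess(config_text):
    """Return (seconds, finding) for the effective LoginGraceTime."""
    seconds = effective_login_grace_time(config_text)
    if seconds == 0:
        return seconds, "grace timer disabled; watch MaxStartups for connection exhaustion"
    return seconds, "grace timer active; patch sshd or set LoginGraceTime 0 as a stopgap"

# Constructed sample input, not taken from any real host.
SAMPLE = """\
# hardening overrides
Port 22
#LoginGraceTime 0
LoginGraceTime 2m
LoginGraceTime 0
Match User backup
    X11Forwarding no
"""

if __name__ == "__main__":
    print(assess(SAMPLE))
```

In the sample, the later `LoginGraceTime 0` line has no effect because the earlier `2m` entry is read first, which is a common way an intended mitigation silently fails to apply.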

## Prerequisites

Before running this script, ensure you have the following:
- Python 3.6 or higher
- Paramiko library installed (`pip install paramiko`)

## Installation

Clone this repository to your local machine:

```
git clone https://github.com/grupooruss/CVE-2024-6387-Tester.git
cd CVE-2024-6387-Tester
```

To run the script, execute the following command in your terminal: `CVE-2024-6387.py`

Make sure to modify the script with appropriate credentials and IP addresses of the servers you intend to scan.

## License

This project is licensed under the MIT License - see the LICENSE.md file for details.

## Contact

For any inquiries or contributions, please contact www.grupooruss.com or open an issue in this repository.

## Acknowledgments

- Thanks to all contributors who have helped in identifying and mitigating this vulnerability: https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
- Special thanks to cybersecurity researchers and network administrators dedicated to improving network security.