## https://sploitus.com/exploit?id=F58A5CB2-2174-586F-9CA9-4C47F8F38B5E
# OpenSSH CVE-2024-6387 Mitigation Script
This repository contains a Python script designed to help network administrators scan and secure SSH configurations against the CVE-2024-6387 vulnerability found in OpenSSH's signal handling mechanism.
If exploited, this vulnerability can allow unauthorized access or denial of service through a race condition that occurs during authentication timeouts.
## Background
CVE-2024-6387 is a race condition in OpenSSH's signal handling: when a client fails to authenticate within `LoginGraceTime`, the resulting timeout can be exploited.
This script helps identify and mitigate that risk by adjusting server configurations and ensuring systems are updated and secure.
## Features
- **SSH Configuration Scanning**: Automatically scans the SSH configurations of network hosts.
- **LoginGraceTime Adjustment**: Suggests or makes adjustments to the `LoginGraceTime` parameter to secure SSH servers.
- **Reporting**: Generates a detailed report of the current SSH configurations and any changes applied.
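
The following is an added example, not the repository's script: it reads `sshd_config` text and reports the effective global `LoginGraceTime`, the setting the features above scan and adjust. It assumes the widely published interim mitigation of `LoginGraceTime 0` (not stated on this page) and sshd's default of 120 seconds, and it does not follow `Include` files; the function names and sample configs are constructed for illustration.

```python
import re

DEFAULT_GRACE = 120  # sshd's default LoginGraceTime, in seconds
UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def parse_time(value):
    """Convert an sshd_config time value ('120', '2m', '1h30m') to seconds."""
    value = value.strip().lower()
    if not re.fullmatch(r"(\d+[smhdw]?)+", value):
        raise ValueError(f"unparseable time value: {value!r}")
    return sum(int(n) * UNITS[u] for n, u in re.findall(r"(\d+)([smhdw]?)", value))

def effective_grace_time(config_text):
    """Return (seconds, line_no); line_no is None when the default applies."""
    # sshd keeps the first value it reads for a keyword, so a later
    # "LoginGraceTime 0" does not override an earlier setting. The global
    # section ends at the first Match block.
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        fields = re.split(r"[\s=]+", raw.split("#", 1)[0].strip(), maxsplit=1)
        keyword = fields[0].lower()
        if keyword == "match":
            break
        if keyword == "logingracetime" and len(fields) == 2:
            return parse_time(fields[1]), line_no
    return DEFAULT_GRACE, None

def assess(config_text):
    """Classify a config against the interim mitigation."""
    # Assumption: LoginGraceTime 0 is the interim mitigation being checked.
    seconds, line_no = effective_grace_time(config_text)
    source = f"line {line_no}" if line_no else "built-in default"
    if seconds == 0:
        return ("mitigation-applied",
                f"LoginGraceTime 0 ({source}): no grace timer; unauthenticated "
                "connections can hold MaxStartups slots indefinitely")
    return ("timer-active",
            f"LoginGraceTime {seconds}s ({source}): grace timer is armed; "
            "patch sshd, or set LoginGraceTime 0 until you can")

# Constructed sample configs (not taken from any real host).
SAMPLES = {
    "default": "Port 22\n#LoginGraceTime 2m\nPermitRootLogin no\n",
    "shadowed": "LoginGraceTime 1m30s\nLoginGraceTime 0\n",
    "mitigated": "logingracetime=0  # interim mitigation\nMatch User backup\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, *assess(text), sep=" | ")
```

On a live host, feeding this the output of `sshd -T` instead of the raw file also captures settings pulled in through `Include`.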
## Prerequisites
Before running this script, ensure you have the following:
- Python 3.6 or higher
- Paramiko library installed (`pip install paramiko`)
## Installation
Clone this repository to your local machine:
```bash
git clone https://github.com/grupooruss/CVE-2024-6387-Tester.git
cd CVE-2024-6387-Tester
```
To run the script, execute the following command in your terminal:
```bash
python3 CVE-2024-6387.py
```
Make sure to modify the script with appropriate credentials and IP addresses of the servers you intend to scan.
## License
This project is licensed under the MIT License - see the LICENSE.md file for details.
## Contact
For any inquiries or contributions, please contact www.grupooruss.com or open an issue in this repository.
## Acknowledgments
Thanks to all contributors who have helped in identifying and mitigating this vulnerability:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
Special thanks to cybersecurity researchers and network administrators dedicated to improving network security.