CVE-2024-6387 exploit

SSH Vulnerability Scanner

The SSH Vulnerability Scanner is a Python script that uses Nmap to scan a list of domains for vulnerable SSH versions. It checks multiple ports for SSH services and identifies versions that are known to have security vulnerabilities.

Features

  • Scans multiple domains from a file, one domain per line.
  • Checks all ports for SSH service (comprehensive port scanning).
  • Identifies and highlights vulnerable SSH versions.
  • Uses threading for concurrent scanning to improve performance.
  • Handles errors gracefully, including DNS resolution failures.
  • Outputs results with colored formatting for clear visibility.

Requirements

  • Python 3.x
  • Python nmap library (python3-nmap)
  • Python termcolor library (termcolor)

Installation

  1. Clone the repository:

    git clone https://github.com/thegenetic/CVE-2024-6387-exploit.git
    cd CVE-2024-6387-exploit
    
  2. Install dependencies:

    pip install -r requirements.txt
    

Usage

  1. Create a text file (domains.txt) containing domains to scan, with one domain per line.
  2. Run the script with the file path as an argument:

    python CVE-2024-6387.py domains.txt
    

Options

  • The script uses Nmap with the following options:
    • -Pn: Treat all hosts as online (skip host discovery).
    • -sV: Probe open ports to determine service/version info.
    • -p-: Scan all 65535 ports.
    • --script ssh2-enum-algos,ssh-auth-methods,ssh-hostkey,ssh-run,sshv1: Use SSH-specific scripts for more detailed information.

Example Output

    $ python CVE-2024-6387.py domains.txt

    Scanning example.com (93.184.216.34)...
    [example.com] SSH version detected on port 22: SSH-2.0-OpenSSH_8.8p1
    [example.com] SSH version detected on port 2222: SSH-2.0-OpenSSH_8.6p1
    ...

    Scan Results:
    example.com (22): SSH-2.0-OpenSSH_8.8p1
    example.com (2222): SSH-2.0-OpenSSH_8.6p1
    example.com (none): No SSH version detected on open ports

    ...

    $ cat domains.txt
    example.com
    ...
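
Added example (not code from this repository): the code below checks banner strings like those in the example output against the upstream version ranges published for CVE-2024-6387. The function names and the extra sample banners are constructed for illustration. A vendor suffix is reported separately because distributions backport fixes without changing the upstream version number, so a banner match alone does not confirm exposure.

```python
import re

# Upstream ranges published for CVE-2024-6387: releases before 4.4p1
# (unless patched for CVE-2006-5051 / CVE-2008-4109) and 8.5p1 up to,
# but not including, 9.8p1. Releases from 4.4p1 up to 8.5p1 are not affected.
OLD_FIXED = (4, 4, 0)
REGRESSED = (8, 5, 0)
FIXED = (9, 8, 0)

# Matches e.g. "SSH-2.0-OpenSSH_8.8p1" or "SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3".
BANNER_RE = re.compile(
    r"^SSH-[\d.]+-OpenSSH_(\d+)\.(\d+)(?:\.(\d+))?(?:p\d+)?(?:[ _-](.+))?$"
)

def parse_banner(banner):
    """Return ((major, minor, patch), vendor_suffix), or None if unrecognised."""
    m = BANNER_RE.match(banner.strip())
    if m is None:
        return None
    version = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    return version, (m.group(4) or "").strip()

def classify(banner):
    """Classify a banner by upstream version only; this is a triage hint."""
    parsed = parse_banner(banner)
    if parsed is None:
        return "unparsed"
    version, vendor = parsed
    in_range = version < OLD_FIXED or REGRESSED <= version < FIXED
    if not in_range:
        return "outside-range"
    # A vendor build may carry a backported fix: check the package version.
    return "affected-range-vendor-build" if vendor else "affected-range"

# First two banners appear in the example output; the rest are constructed.
SAMPLES = [
    "SSH-2.0-OpenSSH_8.8p1",
    "SSH-2.0-OpenSSH_8.6p1",
    "SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3",
    "SSH-2.0-OpenSSH_9.8p1",
    "SSH-2.0-OpenSSH_7.4",
    "SSH-1.99-OpenSSH_3.9p1",
    "SSH-2.0-dropbear_2022.83",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify(sample):28} {sample}")
```

Hosts reported as `affected-range-vendor-build` should be confirmed against the installed package version and the distribution's security tracker before being treated as vulnerable.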