This script, created by R4Tw1z, is designed to scan IP addresses to check if they are running a potentially vulnerable version of OpenSSH. The tool leverages multi-threading to optimize scanning performance and handle multiple IP addresses concurrently.

R4Tw1z/CVE-2024-6387

CVE-2024-6387

This script, created by R4Tw1z, scans IP addresses to check whether they are running a potentially vulnerable version of OpenSSH. It is a faster and simpler version of an OpenSSH vulnerability scanner. The tool uses multi-threading to optimize scanning performance and handle multiple IP addresses concurrently.

Key Features and Functionality:

Input Handling: The script accepts IP addresses, domain names, file paths containing IP addresses, or CIDR network ranges as input. IP addresses can be provided directly or read from a file.

Port and Timeout Configuration: Users can specify the port to check (default is port 22, commonly used for SSH). A connection timeout value can also be set, with a default of 1 second.

Multi-threading: The script uses a thread pool to process IP addresses concurrently, improving scanning speed. The number of worker threads can be configured (default is 10).

Port Status Check: The script first checks if the specified port is open on each IP address.

SSH Banner Retrieval: If the port is open, the script attempts to retrieve the SSH banner from the server. The banner is analyzed to determine if the SSH service is a potentially vulnerable version of OpenSSH.

Vulnerability Assessment: A predefined set of vulnerable OpenSSH versions is checked against the retrieved banner. Results are categorized into vulnerable, not vulnerable, and closed port statuses.

Results Output: The script outputs the number of servers that are not vulnerable, likely vulnerable, and those with the port closed.
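
The banner check described under SSH Banner Retrieval and Vulnerability Assessment can be sketched as follows. This is an added example, not code from r4tw1z.py: the version ranges are the upstream ones from the public CVE-2024-6387 advisory, and the function names, the extra "unknown" category and the sample banners are assumptions made for illustration.

```python
import re
from collections import Counter

# Upstream ranges from the public CVE-2024-6387 advisory (an assumption here,
# not read from r4tw1z.py): older than 4.4p1, or 8.5p1 up to but excluding 9.8p1.
OLD_FIXED, FIRST_REGRESSED, FIRST_FIXED = (4, 4), (8, 5), (9, 8)

# RFC 4253 identification string: SSH-protoversion-softwareversion [SP comments]
BANNER_RE = re.compile(r"^SSH-([\d.]+)-(\S+)(?: (.*))?$")
OPENSSH_RE = re.compile(r"^OpenSSH_(\d+)\.(\d+)")


def classify_banner(banner):
    """Return (status, vendor_build) for one banner line.

    status is 'likely_vulnerable', 'not_vulnerable' or 'unknown'; vendor_build
    is True when a distro comment follows the version, meaning a backported
    fix may be present that the upstream version number cannot show.
    """
    m = BANNER_RE.match(banner.strip())
    if not m:
        return "unknown", False          # not an SSH identification string
    software, comments = m.group(2), m.group(3)
    v = OPENSSH_RE.match(software)
    if not v:
        return "unknown", False          # other implementations (e.g. Dropbear)
    version = (int(v.group(1)), int(v.group(2)))
    affected = version < OLD_FIXED or FIRST_REGRESSED <= version < FIRST_FIXED
    return ("likely_vulnerable" if affected else "not_vulnerable"), bool(comments)


def summarize(inventory):
    """Tally banners gathered elsewhere; a value of None means the port was closed."""
    counts = Counter()
    for banner in inventory.values():
        counts["closed" if banner is None else classify_banner(banner)[0]] += 1
    return dict(counts)


# Constructed sample inventory (documentation addresses, made-up banners).
SAMPLE = {
    "192.0.2.10": "SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13",
    "192.0.2.11": "SSH-2.0-OpenSSH_9.8",
    "192.0.2.12": "SSH-2.0-OpenSSH_8.4p1",
    "192.0.2.13": "SSH-2.0-dropbear_2022.83",
    "192.0.2.14": None,
}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A banner match reports only the upstream version string. Distributions that backport the fix keep that string unchanged, so hosts flagged with a vendor suffix need their installed package version checked before they are counted as vulnerable.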

Usage

Basic Usage

  python r4tw1z.py <targets> [options]

<targets>: IP addresses, domain names, file paths containing IP addresses, or CIDR network ranges to scan.

Options

--port PORT (default: 22): Specify the port number to check.
-t, --timeout TIMEOUT (default: 1.0): Set the connection timeout in seconds.
-w, --workers NUM (default: 10): Define the number of worker threads for concurrent scanning.
-o, --output FILE (optional): Output the results to a specified file.
-c, --custom_banners BANNER1 BANNER2 ... (optional): List custom SSH banners to check for vulnerabilities.
-v, --verbose: Enable verbose mode to display detailed information about each scanned server.
-r, --retries NUM (default: 3): Set the number of retries for each connection attempt.

Examples

Scan a list of IP addresses:

python r4tw1z.py 192.168.1.1 192.168.1.2

Scan a CIDR range with verbose output:

python r4tw1z.py 192.168.1.0/24 -v

Scan a file containing IP addresses and save results to a file:

python r4tw1z.py ips.txt -o results.txt

Scan with custom SSH banners:

python r4tw1z.py 192.168.1.1 -c "SSH-2.0-CustomBanner1" "SSH-2.0-CustomBanner2"

Scan with retries and multiple worker threads:

python r4tw1z.py 192.168.1.1 -r 5 -w 20

Contributing

Feel free to fork this repository and submit pull requests. Contributions to improve the tool are always welcome!
