关联漏洞
标题:
OpenSSH 安全漏洞
(CVE-2023-48795)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 9.6之前版本存在安全漏洞,该漏洞源于允许远程攻击者绕过完整性检查,从而省略某些数据包。
描述
A Python-based tool to check for vulnerabilities in OpenSSH installations on local or remote systems by scanning specific IPs. It checks if the OpenSSH version is affected by CVE-2023-48795
介绍
# OpenSSH Vulnerability Scanner for CVE-2023-48795
This Python-based tool scans systems for OpenSSH installations and checks if they are vulnerable to **CVE-2023-48795**, a critical vulnerability that affects versions earlier than **OpenSSH 9.6**. The script provides a detailed report of the scanned systems, including recommendations for upgrading if vulnerabilities are found.
---
## CVE-2023-48795: Vulnerability Overview
- **CVE ID**: CVE-2023-48795
- **Description**: A vulnerability in OpenSSH before version 9.6 could allow remote attackers to bypass security mechanisms or execute unauthorized actions.
- **Solution**: Upgrade to **OpenSSH version 9.6 or later**.
---
## Features
- Detects and checks OpenSSH and SSHD versions on specified IPs.
- Supports both single IP scans and bulk scans from a file.
- Multi-threaded for efficient scanning of multiple hosts.
- Automatically downloads and installs missing `which`, `ssh`, or `sshd` binaries.
- Saves results in a randomly named JSON file for easy reference.
- Color-coded and bold output for clear vulnerability status reporting.
---
## Requirements
- Python 3.x
- Internet access (for downloading dependencies and OpenSSH binaries if necessary)
- `pip` (for dependency management)
### Dependencies
- **colorama**: Provides colorful terminal output.
- **termcolor**: Adds color formatting for text.
These dependencies are automatically installed when running the script.
---
## Installation
Clone the repository:
```bash
git clone https://github.com/TrixSec/CVE-2023-48795.git
cd CVE-2023-48795
```
---
## Usage
Run the script with the following options:
### Scan a Single IP
```bash
python CVE-2023-48795.py --ip <IP_ADDRESS>
```
Example:
```bash
python CVE-2023-48795.py --ip 192.168.1.10
```
### Scan Multiple IPs from a File
```bash
python CVE-2023-48795.py --ip <PATH_TO_FILE>
```
Example:
```bash
python CVE-2023-48795.py --ip ips.txt
```
You will be prompted to enter the number of threads for scanning.
---
## Output
Results are saved in the `output` directory with a randomly generated file name (e.g., `123456.json`).
The file contains information about each scanned IP and its vulnerability status.
Example result:
```json
[
{
"ip": "192.168.1.10",
"ssh_version": 9.5,
"sshd_version": 9.5,
"status": "Vulnerable"
},
{
"ip": "192.168.1.15",
"ssh_version": 9.6,
"sshd_version": 9.6,
"status": "Safe"
}
]
```
---
## Disclaimer
Use this tool responsibly and only on systems you own or have permission to test. Unauthorized scanning of external systems may violate laws and policies.
**Repository Views** 
文件快照
[4.0K] /data/pocs/9f272f77ff74c8c422a66f994e1ca663dd246adf
├── [6.0K] CVE-2023-48795.py
├── [ 34K] LICENSE
└── [2.7K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。