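POC details: 9f272f77ff74c8c422a66f994e1ca663dd246adf

Source
Related vulnerability
Title: OpenSSH security vulnerability (CVE-2023-48795)
Description: OpenSSH (OpenBSD Secure Shell) is a set of connectivity tools from the OpenBSD project in Canada for securely accessing remote computers. It is an open-source implementation of the SSH protocol that supports encrypting all traffic and can effectively prevent eavesdropping, connection hijacking and other network-level attacks. Versions of OpenSSH before 9.6 contain a security vulnerability that allows a remote attacker to bypass integrity checks so that some packets are omitted.
Description
A Python-based tool to check for vulnerabilities in OpenSSH installations on local or remote systems by scanning specific IPs. It checks whether the OpenSSH version is affected by CVE-2023-48795.
Introduction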
# OpenSSH Vulnerability Scanner for CVE-2023-48795

This Python-based tool scans systems for OpenSSH installations and checks if they are vulnerable to **CVE-2023-48795**, a critical vulnerability that affects versions earlier than **OpenSSH 9.6**. The script provides a detailed report of the scanned systems, including recommendations for upgrading if vulnerabilities are found.

---

## CVE-2023-48795: Vulnerability Overview

- **CVE ID**: CVE-2023-48795
- **Description**: A vulnerability in OpenSSH before version 9.6 could allow remote attackers to bypass integrity checks so that some packets are omitted.
- **Solution**: Upgrade to **OpenSSH version 9.6 or later**.

---

## Features

- Detects and checks OpenSSH and SSHD versions on specified IPs.
- Supports both single IP scans and bulk scans from a file.
- Multi-threaded for efficient scanning of multiple hosts.
- Automatically downloads and installs missing `which`, `ssh`, or `sshd` binaries.
- Saves results in a randomly named JSON file for easy reference.
- Color-coded and bold output for clear vulnerability status reporting.

---

## Requirements

- Python 3.x
- Internet access (for downloading dependencies and OpenSSH binaries if necessary)
- `pip` (for dependency management)

### Dependencies

- **colorama**: Provides colorful terminal output.
- **termcolor**: Adds color formatting for text.

These dependencies are automatically installed when running the script.

---

## Installation

Clone the repository:

```bash
git clone https://github.com/TrixSec/CVE-2023-48795.git
cd CVE-2023-48795
```

---

## Usage

Run the script with the following options:

### Scan a Single IP

```bash
python CVE-2023-48795.py --ip <IP_ADDRESS>
```

Example:
```bash
python CVE-2023-48795.py --ip 192.168.1.10
```

### Scan Multiple IPs from a File

```bash
python CVE-2023-48795.py --ip <PATH_TO_FILE>
```

Example:
```bash
python CVE-2023-48795.py --ip ips.txt
```

You will be prompted to enter the number of threads for scanning.

---

## Output

Results are saved in the `output` directory with a randomly generated file name (e.g., `123456.json`).  
The file contains information about each scanned IP and its vulnerability status.

Example result:

```json
[
    {
        "ip": "192.168.1.10",
        "ssh_version": 9.5,
        "sshd_version": 9.5,
        "status": "Vulnerable"
    },
    {
        "ip": "192.168.1.15",
        "ssh_version": 9.6,
        "sshd_version": 9.6,
        "status": "Safe"
    }
]
```
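The version comparison behind the `Vulnerable`/`Safe` status can be sketched as follows. This is an added example, not the repository's code: the function names, the `Unknown` status and the sample version strings (constructed, on documentation addresses) are assumptions, and the version is kept as a string rather than the number shown above so that releases such as `6.6.1` survive parsing.

```python
import json
import re

FIXED = (9, 6)  # first fixed release named in the README
# Covers "OpenSSH_9.6p1", "OpenSSH_6.6.1p1" and "OpenSSH_for_Windows_9.5p1".
VERSION_RE = re.compile(r"OpenSSH_(?:for_Windows_)?(\d+)\.(\d+)(?:\.(\d+))?")


def parse_openssh_version(text):
    """Return the version as a tuple of ints, or None if text names no OpenSSH."""
    match = VERSION_RE.search(text)
    if match is None:
        return None
    return tuple(int(part) for part in match.groups() if part is not None)


def classify(text):
    """Map a banner or `ssh -V` line to a status string."""
    version = parse_openssh_version(text)
    if version is None:
        return "Unknown"  # hypothetical status: not OpenSSH, or version hidden
    # Integer tuples, not strings or floats: "10.0" must sort after "9.6".
    # A version number cannot show vendor-backported fixes, so "Vulnerable"
    # here means "reports a release older than 9.6", nothing more.
    return "Vulnerable" if version < FIXED else "Safe"


def report(observations):
    """Turn {ip: version string} into records shaped like the README's JSON."""
    records = []
    for ip, text in observations.items():
        version = parse_openssh_version(text)
        records.append({
            "ip": ip,
            "sshd_version": ".".join(map(str, version)) if version else None,
            "status": classify(text),
        })
    return records


# Constructed sample input: SSH identification strings and one `ssh -V` line.
SAMPLE = {
    "192.0.2.10": "SSH-2.0-OpenSSH_9.5",
    "192.0.2.11": "OpenSSH_9.6p1, OpenSSL 3.0.13 30 Jan 2024",
    "192.0.2.12": "SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13",
    "192.0.2.13": "SSH-2.0-dropbear_2022.83",
    "192.0.2.14": "SSH-2.0-OpenSSH_10.0",
}

if __name__ == "__main__":
    print(json.dumps(report(SAMPLE), indent=4))
```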

---

## Disclaimer

Use this tool responsibly and only on systems you own or have permission to test. Unauthorized scanning of external systems may violate laws and policies.


File snapshot

```
[4.0K] /data/pocs/9f272f77ff74c8c422a66f994e1ca663dd246adf
├── [6.0K] CVE-2023-48795.py
├── [ 34K] LICENSE
└── [2.7K] README.md

0 directories, 3 files
```