regresshion-check is a Rust CLI tool to check SSH servers for vulnerability to CVE-2024-6387. It takes in a single IP or multiple IPs/CIDRs separated by newlines in a file. It includes the reverse DNS lookup and version string with any IPs detected as vulnerable.
(IPs listed in readme are examples only -- do not use)
- Rust and Cargo installed. You can install Rust and Cargo using rustup.
-
Clone the repository:
git clone [email protected]:wiggels/regresshion-check.git cd regresshion-check
-
Build the application:
cargo build --release
To scan a single IP address, use the --individual option followed by the IP address:
regresshion-check --individual <ip-address>Example usage:
regresshion-check --individual 215.227.162.32To scan multiple IP addresses listed in a file, use the --file option followed by the input file:
Example file contents:
215.227.64.0/24
215.227.162.32
Example usage:
regresshion-check --file /path/to/file/here.txtThe scanning job batches based on the current ulimit size minus a buffer of 64. If you would like this application to run faster when doing larger CIDRs/lists, raise the ulimit. Example: ulimit -n 8192
{
"unknown": 226,
"patched": 29,
"vulnerable": 2,
"vulnerable_ips": [
{
"ip": "215.227.162.32",
"hostname": "some.server.somewhere.com",
"version": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7"
},
{
"ip": "215.227.64.156",
"hostname": "another.server.somewhere.com",
"version": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.7"
}
]
}