CVE-2024-6387 – CHECK_VULN


Last Updated: 10/09/2024

While there is an Nmap script which is OK for checking this vulnerability, I did find something on GitHub that seemed to test a little better.

mkdir check_vuln
cd check_vuln
wget https://raw.githubusercontent.com/betancour/OpenSSH-Vulnerability-test/main/check_vuln.c

The Makefile can consist of:

# The recipe line below must start with a tab, not spaces.
check_vuln: check_vuln.c
	gcc check_vuln.c -o check_vuln

PLEASE NOTE:

Between lines 93 and 94 you can insert one line which will bring a little more clarity to the situation.

printf("%s", banner);


The reason I ended up printing the banner was for a reality check. I KNEW what I thought I was supposed to be getting back. After all, I could type “ssh -V” and see that. But it turned out the service file was still pointing to an older version of “sshd”, and so the OLD version was being called. This is what helped me confirm this. After that, I wrote a new service file and moved on.
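
The reality check described above, as an added example that is not part of the original post or of check_vuln.c: a bash script that compares what "ssh -V" reports with the banner the listening daemon actually sends. The function names and the --live switch are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example (not from check_vuln.c): compare the client binary's version
# with the version the listening daemon announces in its banner.

# Pull the "9.8p1"-style token out of an SSH banner or `ssh -V` output.
openssh_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9.]*\(p[0-9][0-9]*\)\{0,1\}\).*/\1/p' |
        head -n 1
}

# 0 = same version, 1 = mismatch, 2 = one side could not be parsed.
compare_versions() {
    client=$(openssh_version "$1")
    daemon=$(openssh_version "$2")
    if [ -z "$client" ] || [ -z "$daemon" ]; then return 2; fi
    [ "$client" = "$daemon" ]
}

# Read the identification line sshd sends on connect (needs bash for /dev/tcp).
daemon_banner() {
    (
        exec 3<>"/dev/tcp/${1:-127.0.0.1}/${2:-22}" || exit 1
        IFS= read -r -t 5 line <&3
        printf '%s\n' "$line" | tr -d '\r'
    )
}

# Live check, run only when asked: ./banner_check.sh --live [host] [port]
if [ "${1:-}" = "--live" ]; then
    client_out=$(ssh -V 2>&1)   # ssh prints its version on stderr
    banner=$(daemon_banner "${2:-127.0.0.1}" "${3:-22}") || { echo "no banner"; exit 2; }
    echo "ssh -V : $client_out"
    echo "banner : $banner"
    rc=0
    compare_versions "$client_out" "$banner" || rc=$?
    case $rc in
        0) echo "client and daemon report the same OpenSSH version" ;;
        1) echo "MISMATCH: the running sshd is not the build ssh -V describes"
           # Binary behind the oldest sshd process (usually needs root to read).
           readlink "/proc/$(pgrep -o -x sshd)/exe" ;;
        *) echo "could not parse an OpenSSH version from one of the strings" ;;
    esac
fi
```

On a mismatch, the printed path shows which sshd binary the service really started, which is the place to look before rewriting the service file.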
