Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jobroche/libssh-scanner
Script to identify hosts vulnerable to CVE-2018-10933
https://github.com/jobroche/libssh-scanner
Last synced: about 2 months ago
JSON representation
Script to identify hosts vulnerable to CVE-2018-10933
- Host: GitHub
- URL: https://github.com/jobroche/libssh-scanner
- Owner: jobroche
- License: mit
- Created: 2018-10-17T23:05:10.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2018-11-04T17:29:33.000Z (about 6 years ago)
- Last Synced: 2024-08-11T17:10:13.740Z (3 months ago)
- Language: Python
- Homepage: https://www.leapsecurity.io/blog/cve-2018-10933-libssh-authentication-bypass-tool/
- Size: 22.5 KB
- Stars: 232
- Watchers: 18
- Forks: 53
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# libssh scanner
## Introduction
* * *
This is a python based script to identify hosts vulnerable to CVE-2018-10933. Libssh scanner has two modes: passive (banner grabbing) and aggressive (bypass auth) to validate vulnerability's existence. By default, libssh scanner uses passive mode but supply the -a argument and aggressive mode will be used which provides more accurate results.
The vulnerability is present on versions of libssh 0.6+ and was remediated by a patch present in libssh 0.7.6 and 0.8.4. For more details:
## Installation
* * *
Run `pip install -r requirements.txt` within the cloned libssh-scanner directory.
## Help
* * *
libssh Scanner - Find vulnerable libssh services by Leap Security (@LeapSecurity)
positional arguments:
target An ip address or new line delimited file containing
IPs to search for the vulnerability.
optional arguments:
-h, --help show this help message and exit
-v, --version show program's version number and exit
-p PORT, --port PORT Set port of SSH service
-a, --aggressive Identify vulnerable hosts by bypassing authentication