The OpenSSH CVE Scanner is a Python script designed to scan multiple SSH targets for vulnerabilities based on their OpenSSH version. It utilizes threading for concurrent scanning and integrates logging with colored output for enhanced visibility.
- Multi-threaded Scanning: Utilizes threading to concurrently scan multiple targets, improving efficiency.
- CVE Vulnerability Detection: Checks SSH versions against a predefined list of CVE vulnerabilities to determine if a version is vulnerable.
- Logging and Output: Logs scan results to a file (
scan.log) and optionally saves vulnerable targets to an output file. - Color-coded Output: Uses Colorama and Coloredlogs to provide color-coded terminal output for clear status indication.
- Interrupt Handling: Supports Ctrl+C to gracefully terminate the script while ensuring ongoing threads complete their tasks.
-
Setup:
- Ensure Python dependencies (
coloredlogs,packaging) are installed (pip install coloredlogs packaging).
- Ensure Python dependencies (
-
Running the Scanner:
- Provide a file (
-f) containing a list of targets in the formatip:port. - Optionally specify an output file (
-o) to save vulnerable targets. - Adjust the number of threads (
-t) based on system resources or scanning requirements.
- Provide a file (
-
Example Command:
python open_ssh_scanner.py -f targets.txt -o vulnerable_ips.txt -t 5