jh00nbr/check_version_libssh_auth_bypass.py

## check_version_libssh_auth_bypass.py
#!/usr/bin/python3
# -*- coding: utf-8 -*-

# Author: Jhonathan Davi @jh00nbr
# insightl4b.com
# github.com/jh00nbr
# Twitter: @jh00nbr

# CVE-2018-10933 - libSSH Authentication Bypass Server Version Check
# Reference: https://github.com/blacknbunny/libSSH-Authentication-Bypass/blob/master/checkversionofserver.py

import socket
import argparse
import sys

parser = argparse.ArgumentParser(description="CVE-2018-10933 - libSSH Authentication Bypass Server Version Check")
parser.add_argument('--host', help='Host')
parser.add_argument('-p', '--port', help='libSSH port', default=2222)

args = parser.parse_args()

host = args.host
port = args.port

patched_version = ['0.8.4', '0.7.6']
colors = {'MAGENTA':'\033[35mMagenta','BLUE': '\033[34m', 'OK' : '\033[92m', 'ERRO' : '\033[91m', 'WARNING' : '\033[93m', 'UNDERLINE':'\033[4m','ENDC' : '\033[0m'}


def ch3ck_version(host,port):
        try:
                sock = socket.socket()
                sock.connect(("{0}".format(host), int(port)))
                data = sock.recv(1024).strip()
                sock.close()

                if 'libssh' in data:
                        v = [data.split('_')[1]][0] # Example: SSH-2.0-libssh_0.8.3

                        if v not in patched_version:
                                print("[ {host} ] --> \t [ {red} VULNERABLE {end}]".format(host=host,red=colors['ERRO'],end=colors['ENDC']))
                        else:
                                print("[ {host} ] --> \t [ {blue} OK {end} ]".format(host=host,blue=colors['BLUE'],end=colors['ENDC']))

        except socket.error as e:
                print("[-] Connect refused")
                sys.exit(1)

if __name__ == '__main__':
        ch3ck_version(host,port)
	#!/usr/bin/python3
	# -- coding: utf-8 --

	# Author: Jhonathan Davi @jh00nbr
	# insightl4b.com
	# github.com/jh00nbr
	# Twitter: @jh00nbr

	# CVE-2018-10933 - libSSH Authentication Bypass Server Version Check
	# Reference: https://github.com/blacknbunny/libSSH-Authentication-Bypass/blob/master/checkversionofserver.py

	import socket
	import argparse
	import sys

	parser = argparse.ArgumentParser(description="CVE-2018-10933 - libSSH Authentication Bypass Server Version Check")
	parser.add_argument('--host', help='Host')
	parser.add_argument('-p', '--port', help='libSSH port', default=2222)

	args = parser.parse_args()

	host = args.host
	port = args.port

	patched_version = ['0.8.4', '0.7.6']
	colors = {'MAGENTA':'\033[35mMagenta','BLUE': '\033[34m', 'OK' : '\033[92m', 'ERRO' : '\033[91m', 'WARNING' : '\033[93m', 'UNDERLINE':'\033[4m','ENDC' : '\033[0m'}


	def ch3ck_version(host,port):
	try:
	sock = socket.socket()
	sock.connect(("{0}".format(host), int(port)))
	data = sock.recv(1024).strip()
	sock.close()

	if 'libssh' in data:
	v = [data.split('_')[1]][0] # Example: SSH-2.0-libssh_0.8.3

	if v not in patched_version:
	print("[ {host} ] --> \t [ {red} VULNERABLE {end}]".format(host=host,red=colors['ERRO'],end=colors['ENDC']))
	else:
	print("[ {host} ] --> \t [ {blue} OK {end} ]".format(host=host,blue=colors['BLUE'],end=colors['ENDC']))

	except socket.error as e:
	print("[-] Connect refused")
	sys.exit(1)

	if __name__ == '__main__':
	ch3ck_version(host,port)