SentinelSSH

SentinelSSH is a high-performance, concurrent vulnerability scanner designed to detect SSH servers potentially vulnerable to CVE-2024-6387.

   _____ ______ _   _ _______ _____ _   _ ______ _      _____ _____ _    _ 
  / ____|  ____| \ | |__   __|_   _| \ | |  ____| |    / ____/ ____| |  | |
 | (___ | |__  |  \| |  | |    | | |  \| | |__  | |   | (___| (___ | |__| |
  \___ \|  __| | . ' |  | |    | | | . ' |  __| | |    \___ \\___ \|  __  |
  ____) | |____| |\  |  | |   _| |_| |\  | |____| |____  __) |___) | |  | |
 |_____/|______|_| \_|  |_|  |_____|_| \_|______|______|_____/_____/|_|  |_|
                                                                            
 CVE-2024-6387 Vulnerability Scanner

Features

• Fast, concurrent scanning of multiple targets
• Support for IP addresses, domain names, and CIDR ranges
• File input for bulk scanning
• Real-time progress bar
• Immediate reporting of vulnerable targets
• Silent mode for integration into automated workflows
• Customizable scan parameters (port, timeout, concurrency)

Installation

Prerequisites

• Go 1.16 or later

Install with go install

To install SentinelSSH, simply run:

go install github.com/harshinsecurity/sentinelssh/cmd/sentinelssh@latest

This command will download, compile, and install SentinelSSH. Make sure your Go bin directory is in your system's PATH.

Usage

After installation, you can run SentinelSSH from anywhere in your terminal:

sentinelssh [flags] [targets...]

Flags

• -p, --port int: Port number to scan (default 22)
• -t, --timeout float: Connection timeout in seconds (default 5.0)
• -c, --concurrency int: Number of concurrent scans (default 100)
• -f, --file string: File containing list of targets
• -s, --silent: Silent mode: only output vulnerable targets

Examples

Scan a single target:

sentinelssh 192.168.1.1

Scan multiple targets:

sentinelssh example.com 192.168.1.1 10.0.0.0/24

Scan targets from a file:

sentinelssh -f targets.txt

Scan with custom port and increased concurrency:

sentinelssh -p 2222 -c 200 example.com

Silent mode (only output vulnerable targets):

sentinelssh -s -f targets.txt

How It Works

SentinelSSH works by:

1. Connecting to target SSH servers
2. Retrieving the SSH banner
3. Analyzing the banner for known vulnerable versions
4. Immediately reporting vulnerable targets

For a detailed explanation of the vulnerability detection process, see our Wiki.

Project Structure

sentinelssh/
│
├── cmd/
│   └── sentinelssh/
│       └── main.go
│
├── internal/
│   ├── scanner/
│   │   └── scanner.go
│   ├── analyzer/
│   │   └── analyzer.go
│   └── utils/
│       └── utils.go
│
├── pkg/
│   └── models/
│       └── result.go
│
├── .gitignore
├── go.mod
├── go.sum
├── LICENSE
└── README.md

Contributing

Contributions to SentinelSSH are welcome! Please feel free to submit pull requests, create issues or spread the word.

To contribute:

1. Fork the repository
2. Create your feature branch (git checkout -b feature/AmazingFeature)
3. Commit your changes (git commit -m 'Add some AmazingFeature')
4. Push to the branch (git push origin feature/AmazingFeature)
5. Open a Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.

Disclaimer

SentinelSSH is a tool for identifying potentially vulnerable SSH servers. It does not exploit any vulnerabilities or attempt to gain unauthorized access. Use this tool responsibly and only on systems you have permission to test.

Acknowledgments

• The Go community for providing excellent libraries and tools
• All contributors and users of SentinelSSH

---

For more information, please check out our GitHub Wiki.