MSF exploit module for HTTP File Server v2.3b
https://gist.github.com/mfadzilr/6b8fbc3ce9ee89623585
Original P.O.C
http://www.exploit-db.com/exploits/34668/ by Daniele Linguaglossa
Sunday, September 28, 2014
Shellshock Test command line version
here is my simple bash command line to test if your site is vulnerable to remote bash vulnerability
https://gist.github.com/mfadzilr/70892f43597e7863a8dc
during my test, as long the cgi has "#!/bin/bash" it is vulnerable to an attack, and you can change the http method and header to anything (i think), it would still work.
https://gist.github.com/mfadzilr/70892f43597e7863a8dc
during my test, as long the cgi has "#!/bin/bash" it is vulnerable to an attack, and you can change the http method and header to anything (i think), it would still work.
Subscribe to:
Posts (Atom)