laghack: Winning by lagging : The complete SHELLSHOCK exploit tutorial

Wednesday, October 29, 2014

The complete SHELLSHOCK exploit tutorial - pen testing for experiment

This year probably the biggest vulnerablility ever was disclosed, it was dubbed 'ShellShock'. It was a vulnerability in all systems implimenting Bash, which is the majority of Linux and Mac operating systems. Just the simple string () { :;}; when injected into a bash enviroment variable or a process that uses bash like Headers, User-Agent, Refferer, Curl and Wget will allow a remote code execution... this 0-day is 100x worse than HeartBleed!! Especially since there are 5 versions of the exploit...

The contents of this post have been encrypted. You need the correct key to unlock the contents.

Show encrypted text

8 comments:

UnknownFebruary 6, 2020 at 5:08 PM
Boot him
ReplyDelete
Replies
UnknownFebruary 6, 2020 at 5:15 PM
Boot k2 nightly offline for 5min
ReplyDelete
Replies
takennxdMay 22, 2020 at 9:22 PM
Boot don’t-eat-cows please
ReplyDelete
Replies
UnknownJuly 29, 2020 at 7:20 PM
boot MissionHornet93
ReplyDelete
Replies
UnknownDecember 15, 2020 at 3:10 PM
boot grayfijiatre
ReplyDelete
Replies
UnknownJanuary 3, 2021 at 12:50 PM
hi boot him
ReplyDelete
Replies
UnknownMay 19, 2021 at 6:35 PM
boot Dj5hawn
ReplyDelete
Replies
UnknownMay 19, 2021 at 6:35 PM
boot pizzaroles
ReplyDelete
Replies

Add comment

Pages

Wednesday, October 29, 2014

The complete SHELLSHOCK exploit tutorial - pen testing for experiment

8 comments: