https://github.com/froggdev/php_froggshellshocker

Test Shell Shock Exploit on a linux server using php
https://github.com/froggdev/php_froggshellshocker

Last synced: 7 months ago
JSON representation

Test Shell Shock Exploit on a linux server using php

• Host: GitHub
• URL: https://github.com/froggdev/php_froggshellshocker
• Owner: FroggDev
• License: unlicense
• Created: 2014-09-30T16:20:36.000Z (over 11 years ago)
• Default Branch: master
• Last Pushed: 2014-10-21T14:55:47.000Z (over 11 years ago)
• Last Synced: 2024-12-27T04:12:55.391Z (over 1 year ago)
• Language: PHP
• Homepage:
• Size: 246 KB
• Stars: 0
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
Shell Shock Tester

==================

Test Shell Shock Exploit on a linux server using php

i will add more description later

this script test the 4 exploits of Shell Shock on any Linux server with php 5+

all the configuration is actually in the main code in the configuration part, you can set:

- server server ip (+cgi page if needed)

- folder where exploit will write (or none but can be the mess, for better test need to add rights)

- and some more options (like the exploit file name and ext to be easily retrieved)

The code will try to write file in /tmp/exploit/ (default folder who need to be created) using the Shell Shock Exploit.

If the script create thoose file, that mean your server is Vulnerable to the exploit...

To create the folder you can use the shell command: 

mkdir -p /tmp/exploit && chown www-data:www-data /tmp/exploit && chmod 777 /tmp/exploit

Once done with the script you can safely remove this temp folder.

All is describe in detail in the source code...

If you got any question feel free to send me a message/mail