Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/tripwire/bashbug-shellshock-test
This offline tool is not supported and is provided for informational purposes only.
https://github.com/tripwire/bashbug-shellshock-test
Last synced: about 2 months ago
JSON representation
This offline tool is not supported and is provided for informational purposes only.
- Host: GitHub
- URL: https://github.com/tripwire/bashbug-shellshock-test
- Owner: Tripwire
- Created: 2014-09-25T19:21:10.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2014-09-26T04:08:13.000Z (over 10 years ago)
- Last Synced: 2024-05-09T19:55:58.440Z (8 months ago)
- Language: Python
- Size: 120 KB
- Stars: 13
- Watchers: 9
- Forks: 9
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
bashbug-shellshock-test
=======================This offline tool is not supported and is provided for informational purposes only.
This tool is dependent on Python 2.7.'''
'
' Shellshock Test - CVE-2014-6271
' Written by Tripwire VERT (http://www.tripwire.com/vert)
'
' This offline tool is not supported and is provided for informational purposes only.
' This tool uses Python - license information is available here: http://opensource.org/licenses/Python-2.0
'
'''usage: shellshock_test.py [-h] [--path [PATH]] [--paths [PATHS]]
[--target [TARGET]] [--targets [TARGETS]]
[--spider [SPIDER]] [--url [URL]] [--log [LOG]]
[--ssl [SSL]]
{local,remote}
Contains two modes of operation:local - requires no arguments, tests the local bash prompt for CVE-2014-6271.
remote - two test methods, requires additional options. Tests an HTTP Server for CVE-2014-6271.
Method 1:
--path / --paths - Specify a single path via command line or a path-per-line file of paths to test.
--target / --targets - Specify a single target via command line or a target-per-line file of targets to test. [Format: ip:port]
Method 2:
--spider - Specify a local file path to pull file names from to test.
--url -- Specify the url to append the local file names to.
Additional options:
--ssl - Test hosts via SSL
--log - Enable logging to a file rather than stdout*Note that this script only returns vulnerable matches*
Additional information available from: http://www.tripwire.com/vert/shellshock-bash-bug/