Hello friends,
Today i'm surfing internet to get proper exploit or script to exploit
shellshock vulnerabality. but only found metasploit and some exploit-DB exploits which are not verified and also some are not working. so, i decided to write my own script to exploit shellshock vulnerable server remotely by sending crafted headers. my script allow you to choose your custom command which you want to execute on remote server if vulnerable .
This script is only for my null-byte friends .
First what you need :-
1 Bash based system
2 Python
3 Colorama Python color module
4. Vulnerable Server.
Here is a screenshot How my script looks like
Script Link : http://pastebin.com/PBQ0rsAW
Copy script from link provided and save it as "ssexploit.py". and edit it with
your favourite text editor and replace website and directory there with your vulnerable website and website directory, you can also change command which you want to execute.
then execute in shell : python ssexploit.py
:) if you need any help regarding script or shellshock PM me :)
Command which you can use :-
list directory : /bin/ls -l
eject CD/DVD Drive : /usr/bin/eject
ifconfig : /sbin/ifconfig
and for more commands google it or Mail me.
#!13lackD3m0n
Today i'm surfing internet to get proper exploit or script to exploit
shellshock vulnerabality. but only found metasploit and some exploit-DB exploits which are not verified and also some are not working. so, i decided to write my own script to exploit shellshock vulnerable server remotely by sending crafted headers. my script allow you to choose your custom command which you want to execute on remote server if vulnerable .
This script is only for my null-byte friends .
First what you need :-
1 Bash based system
2 Python
3 Colorama Python color module
4. Vulnerable Server.
Here is a screenshot How my script looks like
Script Link : http://pastebin.com/PBQ0rsAW
Copy script from link provided and save it as "ssexploit.py". and edit it with
your favourite text editor and replace website and directory there with your vulnerable website and website directory, you can also change command which you want to execute.
then execute in shell : python ssexploit.py
:) if you need any help regarding script or shellshock PM me :)
Command which you can use :-
list directory : /bin/ls -l
eject CD/DVD Drive : /usr/bin/eject
ifconfig : /sbin/ifconfig
and for more commands google it or Mail me.
#!13lackD3m0n
No comments:
Post a Comment