Monday, 18 May 2015

Exploit ShellShock with My Script

Hello friends,

Today i'm surfing internet to get proper exploit or script to exploit
shellshock vulnerabality. but only found metasploit and some exploit-DB exploits which are not verified and also some are not working. so, i decided to write my own script to exploit shellshock vulnerable server remotely by sending crafted headers. my script allow you to choose your custom command which you want to execute on remote server if vulnerable .
This script is only for my null-byte friends .
First what you need :-


1 Bash based system

2 Python

3 Colorama Python color module

4. Vulnerable Server.


Here is a screenshot How my script looks like




Script Link : http://pastebin.com/PBQ0rsAW


Copy script from link provided and save it as "ssexploit.py". and edit it with 
your favourite text editor and replace website and directory there with your vulnerable website and website directory, you can also change command which you want to execute.

then execute in shell : python ssexploit.py


:) if you need any help regarding script or shellshock PM me :)

Command which you can use :-

list directory : /bin/ls -l

eject CD/DVD Drive : /usr/bin/eject

ifconfig : /sbin/ifconfig


and for more commands google it or Mail me.

#!13lackD3m0n

No comments:

Post a Comment