Leggi tutti gli altri articoli pubblicati su “Il Bloggatore”
Leggi tutti gli altri articoli presenti su “Il Bloggatore”! E tieniti aggiornato su tutte le novità che riguardano l’informatica! Clicca qui!
View ArticleFare calcoli utilizzando bash
A volte, nei miei piccoli shell script che faccio, utilizzo un po' di matematica, di solito niente di troppo complesso, ma è utile fare i conti all'interno dello stesso script bash. Bash è davvero...
View ArticleBash Environment Variable Command Execution
Date: Wed, 24 Sep 2014 17:03:19 +0200 From: Florian Weimer <fw@...eb.enyo.de> To: oss-security@...ts.openwall.com Subject: Re: CVE-2014-6271: remote code execution through bash * Florian...
View ArticleBash Code Injection Proof Of Concept
<?php /* Title: Bash Specially-crafted Environment Variables Code Injection Vulnerability CVE: 2014-6271 Vendor Homepage: https://www.gnu.org/software/bash/ Author: Prakhar Prasad && Subho...
View ArticleGnu Bash 4.3 CGI REFERER Command Injection
#!/usr/bin/perl # # Title: Bash/cgi command execution exploit # CVE: CVE-2014-6271 # Author: Simo Ben youssef # Contact: Simo_at_Morxploit_com # Coded: 25 September 2014 # Published: 26 September 2014...
View ArticlebashedCgi Remote Command Execution
require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'bashedCgi', 'Description' =>...
View ArticleGnu Bash 4.3 CGI Scan Remote Command Injection
#!/usr/bin/env python # http connection import urllib2 # Args management import optparse # Error managemen import sys banner = """ _______ _______ __ | _ .-----.--.--. | _ .---.-.-----| |--. |....
View ArticleApache mod_cgi Bash Environment Variable Code Injection
## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit4 <...
View ArticleDHCP Client Bash Environment Variable Code Injection
## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' require 'rex/proto/dhcp' class Metasploit3...
View ArticleIPFire 2.15 Bash Command Injection
#!/usr/bin/env python # # Exploit Title : IPFire <= 2.15 core 82 Authenticated cgi Remote Command Injection (ShellShock) # # Exploit Author : Claudio Viviani # # Vendor Homepage :...
View ArticlePure-FTPd External Authentication Bash Environment Variable Code Injection
## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit4 <...
View ArticleApache mod_cgi Remote Command Execution
#! /usr/bin/env python from socket import * from threading import Thread import thread, time, httplib, urllib, sys stop = False proxyhost = "" proxyport = 0 def usage(): print """ Shellshock...
View ArticlePostfix SMTP Shellshock
#!/bin/python # Exploit Title: Shellshock SMTP Exploit # Date: 10/3/2014 # Exploit Author: fattymcwopr # Vendor Homepage: gnu.org # Software Link: http://ftp.gnu.org/gnu/bash/ # Version: 4.2.x <...
View ArticleCUPS Filter Bash Environment Variable Code Injection
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit4 <...
View Article