Exploit ShellShock with My Script

May 6, 2015 10:13 AM
May 6, 2015 10:18 AM
635664781835160753.jpg

Hello friends,

Today i'm surfing internet to get proper exploit or script to exploit shellshock vulnerabality. but only found metasploit and some exploit-DB exploits which are not verified and also some are not working. so, i decided to write my own script to exploit shellshock vulnerable server remotely by sending crafted headers. my script allow you to choose your custom command which you want to execute on remote server if vulnerable .

This script is only for my null-byte friends .

First what you need :-

1 Bash based system

2 Python

3 Colorama Python color module

  1. Vulnerable Server.

Here is a screenshot How my script looks like

635664781835160753.jpg

Script Link : http://pastebin.com/PBQ0rsAW

Copy script from link provided and save it as "ssexploit.py". and edit it with your favourite text editor and replace website and directory there with your vulnerable website and website directory, you can also change command which you want to execute.

then execute in shell : python ssexploit.py

:) if you need any help regarding script or shellshock PM me :)

Command which you can use :-

list directory : /bin/ls -l

eject CD/DVD Drive : /usr/bin/eject

ifconfig : /sbin/ifconfig

and for more commands google it or PM me.

#!13lackD3m0n

Comments

No Comments Exist

Be the first, drop a comment!