Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-6271 PoC — GNU Bash 远程代码执行漏洞

Source
https://github.com/Brandaoo/CVE-2014-6271
Associated Vulnerability
Title:GNU Bash 远程代码执行漏洞 (CVE-2014-6271)
Description:GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Readme
Shellshock Vulnerability Checker

This script checks if a website is vulnerable to the Shellshock vulnerability (CVE-2014-6271).

Summary:

The Shellshock vulnerability, also known as Bashdoor, is a security flaw that was discovered in September 2014 in the Unix Bash shell. The vulnerability allows attackers to execute arbitrary code or commands on a system by exploiting a flaw in the way Bash handles environment variables. This can potentially give attackers complete control over a vulnerable system.

Usage:

To use the script, simply run it with the domain or URL of the site you wish to check as the only argument:

./shellshock.sh example.com

If the site is vulnerable to Shellshock, the script will output:

Site example.com is vulnerable to Shellshock

If the site is not vulnerable to Shellshock, the script will output:

Site example.com is not vulnerable to Shellshock



Installation:

    Clone or download the repository:
    git clone https://github.com/Brandaoo/shellshockChecker.git

    Make the script executable:
    chmod +x shellshock.sh

Contributing:

Contributions are welcome! Feel free to submit a pull request or open an issue if you have any suggestions or improvements.
File Snapshot

 [4.0K]  /data/pocs/569540732dd723ee05961951bf03cb1430fec12d
├── [1.2K]  README.md
└── [1.3K]  shellshock.sh

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →