Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-6271 PoC — GNU Bash 远程代码执行漏洞

Source
https://github.com/francisck/shellshock-cgi
Associated Vulnerability
Title:GNU Bash 远程代码执行漏洞 (CVE-2014-6271)
Description:GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
Description
A python script to enumerate CGI scripts vulnerable to CVE-2014-6271 on one specific server
Readme
shellshock-cgi
==============

A python script to enumerate CGI scripts vulnerable to CVE-2014-6271 on one specific server

## Usage
```
$ python testing.py --server 172.16.255.130 --listen 172.16.255.1
```


##Example Return:
```
[+] Testing if 172.16.255.130 is vulnerable to CVE-2014-6271 via CGI

[+] Listening for incoming connections on the following socket 172.16.255.1:4443

[!] The server is vulnerable at the following URL: http://172.16.255.130/cgi-bin/status

[!] The server is vulnerable at the following URI: http://172.16.255.130/cgi-bin/ax.cgi
```


## Contributors
Special thanks to https://github.com/Signus for general assitance with the threading and socket function

## Contact
Twitter: [@francisckrs](https://twitter.com/francisckrs "twitterhandle on twitter")
File Snapshot

 [4.0K]  /data/pocs/c493bf7d6d1622e9fc72a0736c85a87bc219991a
├── [7.9K]  cgiscripts.txt
├── [ 18K]  LICENSE
├── [ 783]  README.md
└── [4.2K]  shellshock_cgi.py

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →