Aaron
63285f61aa
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Vulhub Docker Image CI / images-test (push) Has been cancelled
625 B
625 B
Bash Shellshock Remote Command Injection (CVE-2014-6271)
Build and run the vulnerable environment:
docker compose build
docker compose up -d
When you visit http://your-ip/ you should see two files:
- safe.cgi
- victim.cgi
safe.cgi generated by the latest version of bash, and victim.cgi is the page generated by bash4.3 which is vulnerable to shellshock.
We can send include our payload in the user-agent string when visiting victim.cgi and the command is executed successfully:
The same request sent to safe.cgi is unaffected:
