search
githubEdit

Shellshock CGI

hashtag
Overview

  • Affects Bash versions up to 4.3

  • Exploits improper handling of environment variables

  • Common in CGI scripts, IoT devices

hashtag
Discovery

hashtag
Find CGI Scripts

gobuster dir -u http://TARGET/cgi-bin/ -w /usr/share/wordlists/dirb/small.txt -x cgi,sh,pl

# Common CGI paths
/cgi-bin/
/cgi-sys/
/cgi-mod/

hashtag
Common Vulnerable Scripts

/cgi-bin/test.cgi
/cgi-bin/status
/cgi-bin/admin.cgi
/cgi-bin/test-cgi
/cgi-bin/printenv

hashtag
Test for Vulnerability

hashtag
Via User-Agent Header

hashtag
Via Cookie Header

hashtag
Via Referer Header

hashtag
Exploitation

hashtag
Command Execution

hashtag
Reverse Shell

hashtag
Alternative Reverse Shell

hashtag
Nmap Script

hashtag
Metasploit

hashtag
Local Test

PreviousosTicketNextTiny File Manager

Last updated