Tutorials

ShellShock Exploitation with BurpSuite [PentesterLab] – CVE-2014-6271

This is an exercise from PentesterLab to reproduce & demonstrate how to exploit CVE-2014-6271 [ShellShock Vulnerability]. Download Vulnerable ISO – https://www.pentesterlab.com/exercises/cve-2014-6271 Size: 19 MB OS Type: Linux A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell […]

Tutorials

ShellShock Vulnerability Exploitation With HTTP Request

In a previous tutorial, we used Metasploit Framework to gain a low-level shell on the target system by exploiting the ShellShock vulnerability. The same can also be done by sending a HTTP Request with Wget and Curl. In order to exploit the ShellShock bug, the following steps need to occur: you must get the target […]