Mirrors/CTF-Writeups
2
0
Fork 0
mirror of https://github.com/AbdullahRizwan101/CTF-Writeups synced 2024-11-10 06:34:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update Shellshock.md

Browse source
This commit is contained in:
AbdullahRizwan101 2020-11-08 07:07:49 -05:00 committed by GitHub
parent 4d522fbae4
commit 2fa4a3e96b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
BsidesIslamabad 2020/Shellshock.md
View file

@ -1,5 +1,3 @@
<img src="https://i.imgur.com/m9Vwt1s.png"/>
<img src="https://imgur.com/NS6QZ4p.png"/> <img src="https://imgur.com/NS6QZ4p.png"/>
Looking at the source code we find base64 encoded text Looking at the source code we find base64 encoded text
@ -12,12 +10,9 @@ On decoding
<img src="https://imgur.com/XVHZYRf.png"/> <img src="https://imgur.com/XVHZYRf.png"/>
I did a `nikto` scan and found that this is vulnerable to `shellshock`
I search on google about `cgi-bin` and found that they are mostly vulnerable to `shellshock` that allows execution of bash commands I search on google about `cgi-bin` and found that they are mostly vulnerable to `shellshock` that allows execution of bash commands
On refering to this blog post
On refering to this blog post
`https://wywyit.medium.com/ritsec-fall-2018-ctf-week-6-45d414035c76` `https://wywyit.medium.com/ritsec-fall-2018-ctf-week-6-45d414035c76`