This Metasploit module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically targeting CUPS filters through the PRINTER_INFO and PRINTER_LOCATION variables by default.
29f7d463eabc5a2bc1364b1db48a8215
DNS reverse lookups can be used as a vector of attack for the bash shellshock vulnerability.
6385a3fffc56c9fb074a8644a4532ebf
This Metasploit module exploits the shellshock vulnerability in apache cgi. It allows you to execute any metasploit payload you want.
773d0a059a29f1fbe77093d1a3f5379a
This Metasploit module exploits the code injection flaw known as shellshock which leverages specially crafted environment variables in Bash. This exploit specifically targets Pure-FTPd when configured to use an external program for authentication.
1509d16ef5a69d2e95b0b3996782eef8
When bash is started with an environment variable that begins with the string "() {", that variable is treated as a function definition and parsed as code. If extra commands are added after the function definition, they will be executed immediately. When dhclient receives an ACK that contains a domain name or hostname, they are passed to configuration scripts as environment variables, allowing us to trigger the bash bug. Because of the length restrictions and unusual networking scenario at time of exploitation, this Metasploit module achieves code execution by echoing our payload into /etc/crontab and cleans it up when we get a shell.
3906040148097bfee9fc17f307249281
This Metasploit module exploits a code injection in specially crafted environment variables in Bash, specifically targeting Apache mod_cgi scripts through the HTTP_USER_AGENT variable.
d996eb7acb549980a06d280bfa62f920
This Metasploit module exploits a code injection in specially crafted environment variables in Bash, specifically targeting dhclient network configuration scripts through the HOSTNAME, DOMAINNAME, and URL DHCP options.
19a0fcbe08d157ed9445eba999ba7bf9
Gnu Bash versions 4.3 and below remote command injection exploit that leverages the User-Agent header via vulnerable CGI scripts. Written in Python.
281fac3d5e80c4e0afe507e7c29d16f3
This abuses the bug in bash environment variables (CVE-2014-6271) to get a suid binary inside of VMWare Fusion to launch our payload as root.
f5f9b29d43a8fed2b9e5c43663ec5254
bashedCgi is a quick and dirty Metasploit module to send the BASH exploit payload (CVE-2014-6271) to CGI scripts that are BASH-based or invoke BASH, to execute an arbitrary shell command.
44848a3424a134914b0d1e857adb7c0b