Last active
August 29, 2015 14:06
-
-
Save andresriancho/4ef11d75c1f517c24f94 to your computer and use it in GitHub Desktop.
w3af can now find shell shock vulnerabilities
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| w3af>>> plugins | |
| w3af/plugins>>> audit shell_shock | |
| w3af/plugins>>> back | |
| w3af>>> target | |
| w3af/config:target>>> set target http://.../test-env.cgi | |
| w3af/config:target>>> back | |
| The configuration has been saved. | |
| w3af>>> start | |
| Shell shock was found at: "http://.../test-env.cgi", using HTTP method GET. | |
| The modified header was: "User-Agent" and it's value was: "() { test; }; ping -c 3 localhost". | |
| This vulnerability was found in the requests with ids 36, 40, 44, 48 and 52. | |
| Scan finished in 56 seconds. | |
| Stopping the core... | |
| w3af>>> exit | |
| w3af>>> | |
| Liked it? Contribute with some lines of code! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
there is no "shell_shock" plugin. the code is in the os_commanding plugin
(x@box:~/w3af)$ ./w3af_console
w3af>>> plugins
w3af/plugins>>> audit shell_shock
Unknown plugin: 'shell_shock'
w3af/plugins>>>
the initial commits were made to os_commanding from what i can see