Exploit Database Note:
The following is an excerpt from: securityblogredhatcom/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
Like “real” programming languages, Bash has functions, though in a somewhat limited implementation, and it is possible to put these bash functions into environment variables Th ...
##
# This module requires Metasploit: metasploitcom/download
# Current source: githubcom/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit4 < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
'Name' => 'Ad ...
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
'Name' => 'bashedCgi',
'Description' => %q{
Quick & dirty module to send the BASH ex ...
# Exploit Title: Kemp Load Master - Multiple Vulnerabilities (RCE, CSRF, XSS, DoS)
# Date: 01 April 2015
# Author: Roberto Suggi Liverani
# Software Link: kemptechnologiescom/load-balancer/
# Version: 7116 and previous versions
# Tested on: Kemp Load Master 71-16
# CVE : CVE-2014-5287/5288
Link: blogmalerischnet/2015/04/playing ...
##
# This module requires Metasploit: metasploitcom/download
# Current source: githubcom/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit4 < Msf::Exploit::Remote
Rank = GoodRanking
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
'Name' => 'CUPS Fi ...
#!/usr/bin/env python
#
# Exploit Title : IPFire <= 215 core 82 Authenticated cgi Remote Command Injection (ShellShock)
#
# Exploit Author : Claudio Viviani
#
# Vendor Homepage : wwwipfireorg
#
# Software Link: downloadsipfireorg/releases/ipfire-2x/215-core82/ipfire-215i586-full-core82iso
#
# Date : 2014-09-29
#
# Fixed v ...
#!/usr/bin/python
# Exploit Title: dhclient shellshocker
# Google Dork: n/a
# Date: 10/1/14
# Exploit Author: @0x00string
# Vendor Homepage: gnuorg
# Software Link: ftpgnuorg/gnu/bash/bash-43targz
# Version: 4311
# Tested on: Ubuntu 14041
# CVE : CVE-2014-6277,CVE-2014-6278,CVE-2014-7169,CVE-2014-7186,CVE-2014-7187
# ______ ...
##
# This module requires Metasploit: http//metasploitcom/download
# Current source: githubcom/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::HttpClient
include Msf::Exploit::EXE
def initialize(info = {})
super(update_info ...
# Exploit Title: QNAP Web server remote code execution via Bash Environment Variable Code Injection
# Date: 7 February 2015
# Exploit Author: Patrick Pellegrino | 0x700x700x650x6c0x6c0x650x670x720x690x6e0x6f@securegroupit [work] / 0x640x330x760x620x700x70@gmailcom [other]
# Employer homepage: wwwsecuregroupit
# Vendor homepage: ww ...
# Exploit Title: PHP 5x Shellshock Exploit (bypass disable_functions)
# Google Dork: none
# Date: 10/31/2014
# Exploit Author: Ryan King (Starfall)
# Vendor Homepage: phpnet
# Software Link: phpnet/get/php-562tarbz2/from/a/mirror
# Version: 5* (tested on 562)
# Tested on: Debian 7 and CentOS 5 and 6
# CVE: CVE-2014-6271
< ...
##
# This module requires Metasploit: http//metasploitcom/download
# Current source: githubcom/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit4 < Msf::Exploit::Remote
Rank = ExcellentRanking
include Msf::Exploit::Remote::Ftp
include Msf::Exploit::CmdStager
def initialize(info = {})
super(update_info(i ...
# Exploit Title: ShellShock OpenVPN Exploit
# Date: Fri Oct 3 15:48:08 EDT 2014
# Exploit Author: hobbily AKA @fj33r
# Version: 2229
# Tested on: Debian Linux
# CVE : CVE-2014-6271
#Probably should of submitted this the day I tweeted it
### serverconf
port 1194
proto udp
dev tun
client-cert-not-required
auth-user-pass-verify /etc/openvpn ...
#!/bin/python
# Exploit Title: Shellshock SMTP Exploit
# Date: 10/3/2014
# Exploit Author: fattymcwopr
# Vendor Homepage: gnuorg
# Software Link: ftpgnuorg/gnu/bash/
# Version: 42x < 4248
# Tested on: Debian 7 (postfix smtp server w/procmail)
# CVE : 2014-6271
from socket import *
import sys
def usage():
print "shellshock_sm ...
# Exploit Title: QNAP admin shell via Bash Environment Variable Code Injection
# Date: 7 February 2015
# Exploit Author: Patrick Pellegrino | 0x700x700x650x6c0x6c0x650x670x720x690x6e0x6f@securegroupit [work] / 0x640x330x760x620x700x70@gmailcom [other]
# Employer homepage: wwwsecuregroupit
# Vendor homepage: wwwqnapcom
# Version: ...
<?php
/*
Title: Bash Specially-crafted Environment Variables Code Injection Vulnerability
CVE: 2014-6271
Vendor Homepage: wwwgnuorg/software/bash/
Author: Prakhar Prasad && Subho Halder
Author Homepage: prakharprasadcom && appknoxcom
Date: September 25th 2014
Tested on: Mac OS X 1094/1095 with Apac ...