CTF Writeup Walkthrough CVEs and Public Exploits CyberSecurity and Penetration Testing Videos CyberSecurity Articles

The ShellShock Vulnerability Explained | HackTheBox Shocker

Motasem January 1, 2022 0

Shellshock vulnerability allows for remote code execution using shell callouts to bash below 4.3. payload can be sent simply using curl in http headers.

Exploitation : Curl – shocker.py – Metasploit

Mitigation : Update bash > 4.3 – Dislable shell callouts in /cgi-bin

In this post, we covered the demonstration, exploitation and mitigation of The ShellShock Vulnerability. We used the lab material of HackTheBox Shocker.

Download HackTheBox Shocker learning material in pdf

Video Walk-Through

CTF Writeup, HackTheBox

Show Comments

Motasem

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

Motasem

Founder & Editor

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

Motasem on How To Use FireEye RedLine For Incident Response | TryHackMe RedLineNovember 11, 2021
I am planning to go over it soon.
VINAYAK AGRAWAL on How To Use FireEye RedLine For Incident Response | TryHackMe RedLineNovember 9, 2021
Hey, did you complete task 6 ?
IBM Data Analyst Professional Certificate Review and Course Notes on R Programming Notes For Data AnalystsNovember 6, 2021
[…] R Programming Notes […]
Motasem on File Inclusion Vulnerability Explained | TryHackMe Junior Penetration TesterNovember 4, 2021
https://github.com/pentestmonkey/php-reverse-shell/blob/master/php-reverse-shell.php
95CN on File Inclusion Vulnerability Explained | TryHackMe Junior Penetration TesterNovember 3, 2021
I need your shell.php file, can you give it to me? thanks