CVE-2014-7169 PoC — GNU Bash 操作系统命令注入漏洞

Source

https://github.com/Gobinath-B/SHELL-SCHOCK

Associated Vulnerability

Title:GNU Bash 操作系统命令注入漏洞 (CVE-2014-7169)
Description:GNU Bash是美国软件开发者布莱恩-福克斯（Brian J. Fox）为GNU计划而编写的一个Shell（命令语言解释器），它运行于类Unix操作系统中（Linux系统的默认Shell），并能够从标准输入设备或文件中读取、执行命令，同时也结合了一部分ksh和csh的特点。 GNU Bash 4.3 bash43-025及之前版本中存在安全漏洞，该漏洞源于程序没有正确处理环境变量值内的畸形函数定义。远程攻击者可借助特制的环境变量利用该漏洞写入文件。以下产品和模块受到影响：OpenSSH sshd中的Fo

Description

CVE-2014-7169 Shell Shock

Readme

# SHELL-SCHOCK
CVE-2014-7169 Shell Shock

File Snapshot


 [4.0K]  /data/pocs/01601cd1228692dd4d2e1fd052ae1f1d297ad990
├── [  41]  README.md
└── [1.1K]  shell shock.txt

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!