How to Exploit Shellshock on a Web Server Using Metasploit

One of the most critical bugs to come out in the last five years was Shellshock, a vulnerability which allows attackers to execute arbitrary code via the Unix Bash shell remotely. This vulnerability has been around for a while now, but due to the ubiquity of Unix machines connected to the web, Shellshock is still a very real threat, especially for unpatched systems. How the Shellshock Vulnerability Works Shellshock first appeared back in September 2014. There were reports of attacks within hours of the initial disclosure of the vulnerability, and over the next few days, there were millions... more

from WonderHowTo https://ift.tt/2JYP5l8
via IFTTT