Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- """
- C0der : Tanmay [ 13lackD3m0n ]
- Facebook : tanmay606
- Email : [email protected]
- Script : ShellShock Vulnerablity Checking Script.
- [+] If you want to use this script on remote server, first upload it and then open it. [/+]
- """
- import os,sys,time
- try:
- from colorama import Fore,Back
- except ImportError:
- print "\n[ERROR]"
- print "\t[1] You need colorama module to run this script. [ install it first ]"
- print "\t[2] This script will not work in WIN. [ only for linux,unix,mac based ]";
- sys.exit(1);
- exploit_cmd = "echo vulnerable"; #!execute if server is affected.
- sleep_time = int('2'); #!time to sleep.
- real_cmd = "echo complete successfull."; #! execute in both cases.
- def _banner_():
- print (Fore.GREEN+"\t- > ShellShock Vulnerablity Scanner Script."+Fore.RESET);
- print (Fore.GREEN+"\t- > Author : Tanmay [ 13lackD3Mon ]"+Fore.RESET);
- print "\n";
- sys.stdout.write("\t[#] Checking SYSTEM/OS for ShellShock Vulnerablity . . . . . .\n\n\r");
- sys.stdout.flush();
- time.sleep(sleep_time);
- _banner_();
- def _vul_():
- print (Back.RED + "\t[WARNING] Your SERVER/OS is affected with ShellShock Vulnerablity.\a" + Back.RESET)
- print (Back.GREEN + "\t [FIX] immediately update BASH.".upper() + Back.RESET)
- def _notvul_():
- print "[SUCCESS] Your SYSTEM in properly pathed from shellshock vulnerablity.\a";
- def _check_(exploit_cmd):
- for cmd in os.popen("env val='() { :; }; %s' bash -c '%s'"%(exploit_cmd,real_cmd)):
- if("vulnerable" in cmd): #!if vul. code found in result which means OS/SERVER execute crafted command and vulnerable to shellshock
- _vul_();
- sys.exit(1);
- else: #! if not execute crafted command which means system is pathed from shellshock.
- _notvul_();
- sys.exit(1);
- _check_(exploit_cmd); #!Trigger hook.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
