This chapter is exclusive to Pro members
Shellshock is a vulnerability in the GNU Bash shell that was widely used in Unix-based systems. The vulnerability allowed attackers to inject and execute code via environment variables.
An attacker could trigger the vulnerability by manipulating the HTTP_USER_AGENT
variable in HTTP requests to execute arbitrary commands on a web server.
Below is an example of an HTTP request exploiting the Shellshock vulnerability:
In this example, the User-Agent
echo
command.Sign-in to your account to access your hacking courses and cyber security labs.
Access all hacking courses and cyber security labs.