Shellshock Attack experiment

Source: Internet
Author: User

1. What is Shellshock attack

2. The specific process of the experiment

Download specific download process has been completed do not explain the process of decompression

(Fig. 1)

The specific process of linking is as follows

(Figure II)

If the output is vulnerable, bash is vulnerable. Finally, let/bin/sh point to/bin/bash.

three . experimental content 1. Attack Set-uid Program

In this experiment, we gain root privileges by attacking the Set-uid program. First, make sure that you have installed a version of Bash with the vulnerability and have/bin/sh point to/bin/bash.

Because of the bug in the vim and touch of this machine, we continued the experiment with the experimental building.

Jixu

Continue the experiment and meet the problem similar to the problem of the virtual machine itself

Shellshock Attack experiment

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.