Wednesday evening we ran a bash script command against a lab computer which was designed to be vulnerable
Downloaded a system .iso file from http://www.vulnhub.com It is from the Pentester Lab section https://twitter.com/PentesterLab/status/515079459284594688
then started the computer (now I had a test lab computer system)
Then ran the above command on a Kali Linux machine (the test attack machine). And was easily able to see the /etc/passwd file.
I pasted the command into a notepad file and took an image of it so it is a bit harder for you to use this command.
As you can see we saw the passwd file and from here can easily move this file into our own system.
Other hackers have also accessed /dev/tcp/ and thus sent the file to their own computer.
this means that the Black hat hacker can easily access any machine with Bash shellcode vulnerability.
Contact Us if you need help to test your systems.