Use commands to test remote sites: curl -A “() { ignored; }; echo Content-Type: text/plain ; echo ; echo ; /usr/bin/id” $URL I did it to my website (www.fixvirus.com) obviously use the test website instead of $URL. Contact Me as i develop more tests for remote bash exploit tests… With us to get more information that is topical like this.
how to test for vulnerable Bash shell: Execute the following: $ env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” on the command line, if it comes back with this is a test then the system is vulnerable If the system returns: bash: warning: x: ignoring function definition attempt bash: error … Read more
Perl discussion at lsexperts.de has a data Dumper vulnerability – review your Perl scripts to : Applications written in Perl should ensure that a sanity check on data serialized by Data::Dumper is performed. WordPress vulnerabilities page which was recently set up. Andreas Kurtz found malicious iOS apps after iOS 8 was released. The issue … Read more
This Shellshock issue has now spawned 6 CVE’s CVE = Common Vulnerabilities and Exposures Threat level Yellow at Internet Storm Center This is a complex vulnerability first CVE got patched almost immediately CVE-2014-6271 The second CVE now has a patch as of Friday). CVE-2014-7169 The 3rd and 4th CVE CVE-2014-7186, CVE-2014-7187 not patched … Read more
What started as an environment of function and usability on Unix systems has devolved in another security exploit mess. US -CERT has the report for both potential exploits now (one was patched) all tools are there for hackers to exploit specific websites running Linux or Unix. That means that there are many websites that … Read more
