'ShellShock' Bash Vulnerability CVE-2014-6271 Test Tool
Counter:
As of right now, 204000 tests have been run with 19342 vulnerabilities found.
Test Web Site Root and Known URL Attack Points
Web Site Host Name (i.e.
myserver.com
):
Test Specific Script URL
Specific CGI Script URL:
WARNING:
This is an experimental tool. It attempts to exploit various HTTP headers to execute wget and curl requests back to this server. If this server receives the requests, then the vulnerability is confirmed.
Use at your own risk and on your own servers only.
This tool uses HTTP exploits only. Also check
www.shellshocktest.com
for a test tool that uses Ping exploits, by
@lukashed
And another test tool:
BashSmash.ccsir.org
How this tool works:
View Code
|
Some mildly interesting analysis of data this tool logs