This paper presents a step-by-step demonstration for the exploitation of CVE-2014-6271, affecting the ‘Bourne Again Shell’ (Bash). By design, Bash cannot be accessed via a web server; yet a flaw in its source code provides attackers the ability of Arbitrary Code Execution (ACE) over a Common Gateway Interface (CGI). In this paper, we demonstrate how Shellshock vulnerability can be exploited, as well as outlining mitigation strategies.
CITATION STYLE
Shetty, R., Choo, K. K. R., & Kaufman, R. (2018). Shellshock vulnerability exploitation and mitigation: A demonstration. In Advances in Intelligent Systems and Computing (Vol. 580, pp. 338–350). Springer Verlag. https://doi.org/10.1007/978-3-319-67071-3_40
Mendeley helps you to discover research relevant for your work.