module
Apache mod_cgi Bash Environment Variable Injection (Shellshock) Scanner
| Disclosed | Created |
|---|---|
| Sep 24, 2014 | May 30, 2018 |
Disclosed
Sep 24, 2014
Created
May 30, 2018
Description
This module scans for the Shellshock vulnerability, a flaw in how the Bash shell
handles external environment variables. This module targets CGI scripts in the
Apache web server by setting the HTTP_USER_AGENT environment variable to a
malicious function definition.
PROTIP: Use exploit/multi/handler with a PAYLOAD appropriate to your
CMD, set ExitOnSession false, run -j, and then run this module to create
sessions on vulnerable hosts.
Note that this is not the recommended method for obtaining shells.
If you require sessions, please use the apache_mod_cgi_bash_env_exec
exploit module instead.
handles external environment variables. This module targets CGI scripts in the
Apache web server by setting the HTTP_USER_AGENT environment variable to a
malicious function definition.
PROTIP: Use exploit/multi/handler with a PAYLOAD appropriate to your
CMD, set ExitOnSession false, run -j, and then run this module to create
sessions on vulnerable hosts.
Note that this is not the recommended method for obtaining shells.
If you require sessions, please use the apache_mod_cgi_bash_env_exec
exploit module instead.
Authors
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.