Log Parsing Script for Shell Shock

Published by Torry Crass on

The released script will take a given log directory, normally your website log directory, and search it for attempts to exploit the server using the recently released GNU Bourne Again Shell (bash) vulnerability also known as Shell Shock.  Once it identifies these entries, it will output them into a separate file as well as use wget to attempt to download a copy of each of the exploits for later analysis.

The script requires Linux with perl and wget installed to run properly and can be found on github at the following location:

https://github.com/sock5puppet/shellgrab

Categories: ScriptingSecurityTechnical
Tags:

0 Comments

Leave a Reply

Related Posts

Helpful Commands

Linux Disable Interface with Netplan (or not)

So, based on everything I’ve found, you can’t. In my opinion this is a shortcoming of using netplan versus the old way of simply using ifupand ifdown. This is in many ways super frustrating as Read more…

Technical

Updating VMware ESXi Certificate

This activity is far from straight forward. There’s lots of information about how to do this through vCenter but the information becomes very unclear when it comes to the free version of VMware ESXi. First, Read more…

Scripting

Linux Script Error: Bad Substitution (change shell from dash to bash)

This is a simple problem in the end that cost me serious troubleshooting time. Hopefully you found this article and it can save you some of what I lost. You may encounter a problem when Read more…