The released script will take a given log directory, normally your website log directory, and search it for attempts to exploit the server using the recently released GNU Bourne Again Shell (bash) vulnerability also known as Shell Shock. Once it identifies these entries, it will output them into a separate Read more…
A few days ago I posted about a nasty vulnerability pertaining to GNU Bourne Again Shell, otherwise known as bash, The vulnerabilities still exist in unpatched systems and the scope of what could be affected is still expanding. The good news is a few vendors have provided updates clarifying that Read more…
UPDATED: 09/26/2014 – 01:14 EST – Added vulnerability validation code This exploit may have bigger holes than even the Bat Cave. CVE-2014-6271 (Credit to Stephane Chazelas for discovery) was publicly announced yesterday, September, 24th and some articles are already calling this bug a larger security hole than the recent Heartbleed SSL Read more…