Log Parsing Script for Shell Shock

Published by Torry Crass on

The released script will take a given log directory, normally your website log directory, and search it for attempts to exploit the server using the recently released GNU Bourne Again Shell (bash) vulnerability also known as Shell Shock.  Once it identifies these entries, it will output them into a separate file as well as use wget to attempt to download a copy of each of the exploits for later analysis.

The script requires Linux with perl and wget installed to run properly and can be found on github at the following location:

https://github.com/sock5puppet/shellgrab