Holey Bash Batman! No Really, It Has Holes (CVE-2014-6271)
UPDATED: 09/26/2014 – 01:14 EST – Added vulnerability validation code This exploit may have bigger holes than even the Bat Cave. CVE-2014-6271 (Credit to Stephane Chazelas for discovery) was publicly...
View ArticleBash and Shell Shock Today, The Good, But Mostly Just Bad
A few days ago I posted about a nasty vulnerability pertaining to GNU Bourne Again Shell, otherwise known as bash, The vulnerabilities still exist in unpatched systems and the scope of what could be...
View ArticleLog Parsing Script for Shell Shock
The released script will take a given log directory, normally your website log directory, and search it for attempts to exploit the server using the recently released GNU Bourne Again Shell (bash)...
View ArticleLocate PHP Web Shells on a Linux Web Server
A while ago I had put together a quick script to check files in a web directory for possible web shells. I was in a training class and looking for my information on this last week and it seems I've...
View ArticleFlash Malware Propagating via CDN
Final Update: I thought I would post one more update to this, as of the middle of April 2015 an analysis of the same malware indicated almost all AV instances picking it up and identifying it as a...
View Article