-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Created documentation for apache_mod_cgi_bash_env.rb #13138
Conversation
Pull down latest changes
@exigentmidnight Thanks for the docs contribution!!!! A few things:
I'll go ahead and give it a review now though so you can incorporate those fixes on the single commit branch you submit soon. |
Thanks! I'll be happy to make those edits and submit it the right way :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Solid first attempt. Love the details on setting up an environment and such (since the devil is in the details on setting up vuln envs). Good job!
documentation/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.md
Outdated
Show resolved
Hide resolved
documentation/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.md
Outdated
Show resolved
Hide resolved
documentation/modules/auxiliary/scanner/http/apache_mod_cgi_bash_env.md
Outdated
Show resolved
Hide resolved
3. Do: set `TARGETURI [URI]` | ||
4. Do: `run` | ||
|
||
### To check if a host is vulnerable to the attack |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can be moved up under Vulnerable Application
Based on issue #12389 I identified that documentation did not yet exist for apache_mod_cgi_bash_env.rb. I setup an environment to run the scanner against that was vulnerable and verified that the scanner was functioning. I also included directions for someone else who may want to test the issue but did not know how to create a vulnerable environment. Thanks!