312-50V13 · Question #358
What is the most common method to exploit the "Bash Bug" or "Shellshock" vulnerability?
The correct answer is C. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed. The 'Bash Bug' or 'Shellshock' vulnerability was most commonly exploited through web servers using CGI to pass malformed HTTP headers as environment variables to Bash.
Question
Options
- ASYN Flood
- BSSH
- CThrough Web servers utilizing CGI (Common Gateway Interface) to send a malformed
- DManipulate format strings in text fields
How the community answered
(53 responses)- A2% (1)
- C94% (50)
- D4% (2)
Why each option
The 'Bash Bug' or 'Shellshock' vulnerability was most commonly exploited through web servers using CGI to pass malformed HTTP headers as environment variables to Bash.
SYN Flood is a Denial of Service (DoS) attack that overwhelms a target by exploiting the TCP three-way handshake, and is unrelated to the Shellshock vulnerability.
While Bash is used with SSH, direct exploitation of Shellshock for *initial access* was primarily through web servers; an attacker already having SSH access could leverage Shellshock, but it wasn't the most common method for *exploiting* the bug to gain initial unauthorized access.
The 'Shellshock' vulnerability allowed attackers to execute arbitrary commands by injecting malicious code into environment variables processed by the Bash shell. This was most widely exploited via web servers that use CGI (Common Gateway Interface) scripts, as HTTP headers (like User-Agent or Referer) are often passed as environment variables, providing a direct vector for malicious Bash code injection.
Manipulating format strings exploits vulnerabilities in how programs handle string formatting functions (e.g., `printf`), which is a different class of vulnerability from Shellshock's environment variable parsing flaw.
Concept tested: Shellshock (Bash Bug) exploitation
Source: https://access.redhat.com/articles/1200223
Topics
Community Discussion
No community discussion yet for this question.