You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A script to detect the shellshock vulnerabilities in web applications was committed in rev 33916. However, there is room for improvements (although i'm not sure how urgent they are):
-The current script uses / as the default URI but the spidering library could be integrated to attempt to find all files inside /cgi-bin/ directories.
-A list of popular cgi-bin paths could be added. This also generates more traffic and is useless against the majority of non vulnerable hosts.
A script to detect the shellshock vulnerabilities in web applications was committed in rev 33916. However, there is room for improvements (although i'm not sure how urgent they are):
-The current script uses / as the default URI but the spidering library could be integrated to attempt to find all files inside /cgi-bin/ directories.
-A list of popular cgi-bin paths could be added. This also generates more traffic and is useless against the majority of non vulnerable hosts.
Nmap-dev thread:
http:https://seclists.org/nmap-dev/2014/q4/291
The text was updated successfully, but these errors were encountered: