I'm a grad student. We're looking for a remote site to perform shellshock for educational purposes. Sites which are willingly vulnerable for ethical hacking purposes??
Asked
Active
Viewed 127 times
2 Answers
5
There were a few sites but they are no longer online. Your best bet is to grab a VM and perform the test locally. There's a good VM and Walkthrough available from PentesterLab - https://pentesterlab.com/exercises/cve-2014-6271
16b7195abb140a3929bbc322d1c6f1
- 3,354
- 4
- 17
- 20
-
Yes I guess so. Would have preffered a live site. – shezi27 Jan 09 '16 at 04:59
-
6A VM is indeed a 'live site' that belongs to you. If you think it would make a demonstration more meaningful to your audience, you could run the VM on AWS or other cloud provider; but I promise you that audiences won't care. – John Deters Jan 09 '16 at 05:30
4
Take a look at: http://www.cis.syr.edu/~wedu/Teaching/CompSec/labs.html
There are a whole set of free labs (including shellshock), an unpatched Ubuntu image, and even instructions on how to set up VirtualBox to run the VM on your own machine if you are unfamiliar.
An excellent resource that we use for our classes. Have fun!
Dobex
- 41
- 1