Thursday, September 25, 2014

Bash Vulnerability Part 3

Earlier today, I wrote a quick blog post about detecting exploit attempts for this new Bash Vulnerability:

As mentioned in an update to that blog post, Seth Hall wrote a ShellShock detector for Bro that detects successful exploitation (not just an attempt):

I've added these Bro scripts to our securityonion-bro-scripts package and submitted the package for testing:!topic/security-onion-testing/kOBEKrhKvTo

If you're not already a member of the security-onion-testing Google Group, please join the group and help us test this new package so we can get it released as quickly as possible.


Bro Notice for ShellShock::Exploit

Bro http.log showing ShellShock::HIT
UPDATE 20140926 14:12
Please see Part 4:

UPDATE 20140927 08:01
The updated securityonion-bro-scripts package has been released to our stable PPA:

No comments:

Search This Blog

Featured Post

Quick Malware Analysis: WORD MACRO --> SSLOAD --> COBALT STRIKE pcap from 2024-04-18

Thanks to Brad Duncan for sharing this pcap from 2024-04-18 on his malware traffic analysis site! Due to issues with Google flagging a warni...

Popular Posts

Blog Archive