Lab2

.rtf

School

Zane State College *

*We aren’t endorsed by this school

Course

2300

Subject

Information Systems

Date

Jan 9, 2024

Type

rtf

Pages

13

Uploaded by UltraSteel12168

Report
Jonah Thompson Lab 2 1 Shellshock Vulnerability 1.1 Identifying the Shellshock Vulnerability In this image we have to run the $ sudo docker run --rm -it -p 4444:80 vulnerables/cve-2014-6271 command it prompts us for a password and we give it NDGlabpass123! the output it gives us in the instructions the lab tells us to ignore it
We are are now in the settings of our firewall the lab once us to disable block internal network access which we already have clicked but still have to click apply changes to make sure they have saved
This image is for when u click apply changes and the top message pop up says it has successfully done that
we now type the address the lab once us to go to 192.168.0.6:4444 and we get this website page telling us this image is vulnerable to shellshock we click on the tamper data to go to the next image which is the cloud icon
we scroll to the bottom of the screen and click yes to start tampering with the data of the site. now we go back to our address bar and type /cgi-bin/vulnerable at the end of what we typed before which in the previous image it tells us thats where the script is
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help