|
|
Sponsored Content
Special Forums
News, Links, Events and Announcements
Bash vulnerability
Post 302918688 by zaxxon on Thursday 25th of September 2014 04:05:35 AM
|
|
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hi All,
I need to pass a variable to perl script from bash script, where in perl i am using if condition. Here is the cmd what i am using in perl
FROM_DATE="06/05/2008"
TO_DATE="07/05/2008"
"perl -ne ' print if ( $_ >="$FROM_DATE" && $_ <= "$TO_DATE" ) ' filename"
filename has... (10 Replies)
Discussion started by: arsidh
10 Replies
2. Shell Programming and Scripting
Hi,
I use AIX (ksh) and Linux (bash) servers. I'm trying to do scripts to will run in both ksh and bash, and most of the time it works. But this time I don't get it in bash (I'm more familar in ksh).
The goal of my script if to read a "config file" (like "ini" file), and make various report.... (2 Replies)
Discussion started by: estienne
2 Replies
3. Shell Programming and Scripting
hi,
i have a script that runs on bash and would like to run it on a machine that has csh and bash. the default setting on that machine is csh. i dont want to change my code to run it with a csh shell. is there any way i can run the script (written in bash) on this machine? in other words is there... (3 Replies)
Discussion started by: npatwardhan
3 Replies
4. UNIX for Dummies Questions & Answers
# check host value regex='^(||1|2|25)(\.(||1|2|25)){3}$' if ')" != "" ]; then if ]; then echo host $host not found exit 4 fi elif ]; then echo $host is an invalid host address exit 5 fi
espeacailly the top regex part?
---------- Post updated at 06:58 PM ---------- Previous update was... (1 Reply)
Discussion started by: kevin298
1 Replies
5. Solaris
The patch blog has:
https://blogs.oracle.com/patch/entry/solaris_idrs_available_on_mos
information on dealing with bash 'shellshock' vulnerability. (3 Replies)
Discussion started by: jim mcnamara
3 Replies
6. Shell Programming and Scripting
In the bash below I am asking the user for a panel and reading that into bed. Then asking the user for a file and reading that into file1.Is the grep in bold the correct way to apply the selected panel to the file? I am getting a syntax error. Thank you :)
... (4 Replies)
Discussion started by: cmccabe
4 Replies
7. Shell Programming and Scripting
How to run several bash commands put in bash command line without needing and requiring a script file.
Because I'm actually a windows guy and new here so for illustration is sort of :
$ bash "echo ${PATH} & echo have a nice day!"
will do output, for example:... (4 Replies)
Discussion started by: abdulbadii
4 Replies
8. Shell Programming and Scripting
So I'm trying to pass certain json elements as env vars and use them later on in a script.
Sample json:
JSON='{
"Element1": "file-123456",
"Element2": "Name, of, company written in, a very weird way",
"Element3": "path/to/some/file.txt",
}'
(part of the) script:
for s... (5 Replies)
Discussion started by: da1
5 Replies
9. UNIX for Beginners Questions & Answers
Hi,
I am new in bash scripting. In my work, I provide support to several users and when I connect to their computers I use the same admin and password, so I am trying to create a script that will only ask me for the IP address and then connect to the computer without having me to type the user... (5 Replies)
Discussion started by: arcoa05
5 Replies
10. UNIX for Beginners Questions & Answers
In Bash shell - the ps -ef shows only the /bin/bash but the script name is not displayed ? Is there any way to get the script names for the process command ?
--- Post updated at 08:39 AM ---
in KSH (Korn Shell), my command output shows the script names but when run in the Bash Shell... (3 Replies)
Discussion started by: i4ismail
3 Replies
LEARN ABOUT DEBIAN
wapiti
WAPITI(1) User Commands WAPITI(1) NAME
wapiti - a web application vulnerability scanner. SYNOPSIS
wapiti http://server.com/base/url/ [options] DESCRIPTION
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. OPTIONS
-s, --start <url> specify an url to start with. -x, --exclude <url> exclude an url from the scan (for example logout scripts) you can also use a wildcard (*): Example : -x "http://server/base/?page=*&module=test" or -x "http://server/base/admin/*" to exclude a directory -p, --proxy <url_proxy> specify a proxy (-p http://proxy:port/) -c, --cookie <cookie_file> use a cookie -t, --timeout <timeout> set the timeout (in seconds) -a, --auth <login%password> set credentials (for HTTP authentication) doesn't work with Python 2.4 -r, --remove <parameter_name> removes a parameter from URLs -m, --module <module> use a predefined set of scan/attack options: GET_ALL: only use GET request (no POST) GET_XSS: only XSS attacks with HTTP GET method POST_XSS: only XSS attacks with HTTP POST method -u, --underline use color to highlight vulnerable parameters in output -v, --verbose <level> set the verbosity level: 0: quiet (default), 1: print each url, 2: print every attack -h, --help print help page EFFICIENCY
Wapiti is developed in Python and use a library called lswww. This web spider library does the most of the work. Unfortunately, the html parsers module within python only works with well formed html pages so lswww fails to extract information from bad-coded webpages. Tidy can clean these webpages on the fly for us so lswww will give pretty good results. In order to make Wapiti far more efficient, you should: apt-get install python-utidylib python-ctypes AUTHOR
Copyright (C) 2006-2007 Nicolas Surribas <nicolas.surribas@gmail.com> Manpage created by Thomas Blasing <thomasbl@pool.math.tu-berlin.de> http://wapiti.sourceforge.net/ July 2007 WAPITI(1)