Exploiting Shellshock

CompTIA Security+ (SY601) Domains:
Domain 1.0: Threats, Attacks, and Vulnerabilities

CompTIA Security+ (SY601) Objectives:
Objective 1.7: Summarize the techniques used in security assessments

Overview

In this lab, you will be conducting vulnerability assessments using various tools and exploiting Linux that has the Shellshock vulnerability. The lab will also install and detect rootkit malware.

outcomes

In this lab you will learn to:

Exploit the Shellshock vulnerability.
Install and detect a rootkit vulnerability.

Courses

Linux Based Security+ - Skill Labs

Key terms and descriptions

Malware

Malware, also known as malicious software, is a piece of software that does harm to a computer, a network, server, etc.

Rootkit

Rootkits are yet another type of malware that is installed on a system. Rootkits are infamous for evading detection, and they can do lots of harm to a system.

Shellshock

Shellshock is a remote command execution vulnerability in the Linux BASH shell.

Rkhunter

Rkhunter is an application that tracks down rootkits, backdoors, and possible exploits on systems.