Posted on

Shellshock Vulnerability in IpFire

By now, everybody should be knowing what is shellshock vulnerability. To those newbies who have no idea what it is, the shellshock vulnerability affects Bash ( it is the same program you encounter regularly if you are a Linux user, yeah i’m talking about shell or terminal ). Using this vulnerability, hackers can make the affected versions of bash to execute commands written by them.

All versions of Ipfire firewall before 2.15 (including this one ) are vulnerable to this shellshock vulnerability. Now let’s see how to exploit this vulnerability using Metasploit.  This exploit needs credentials. Start Metasploit and load the exploit as shown below.  As you can see, there is only one payload to this exploit, i.e one command as explained above.

shellshock vulnerability

Set the required options as shown below. Use check command to see if the target is vulnerable.

Set the command  you want to run on the target machine. I set the command to view the /etc/passwd file of our target. You can set any command you want to run.

By now, most of the machines may have patched this vulnerability. To stay safe, use the command to check for this vulnerability.

env x='() { :;}; echo vulnerable’ bash -c “this is a test” 

If your machine is vulnerable, you should get “vulnerable” displayed as shown below.

If it’s not vulnerable, you will get the result as shown below.

If you are using Nessus vulnerability scanner, there is a special Bash shellshock detection to check for this vulnerability in multiple devices.

If your bash version is vulnerable, update the bash. See another method of hacking IPFire Firewall.

Posted on 1 Comment

Remote Code Execution in IPFire Firewall

Hello aspiring Hackers. In this howto, you will learn how to exploit a remote code execution vulnerability in IPFire Firewall.  Firewalls are one of the most important components in the security of a network. Vulnerabilities in firewalls can be more serious. Today we will see one such vulnerability.

IPFire is an open source firewall,router and VPN  built form LFS( Linux From Scratch ). All the versions below 2.19 of this firewall suffer from rce vulnerability in proxy.cgi page. Today we will see how to exploit this vulnerability with Metasploit. This vulnerability can be exploited only if credentials are known. So all users using credentials which can be guessed easily are vulnerable. Ipfire firewall hacking

Start Metasploit, load the exploit and check the options required.

Type command “show payloads” to see all the payloads.

Set the required payload.

Set the required options as shown below. As already said, we need the credentials and of course the target IP address. After all the options are set, use the “run” command to execute the exploit. We will get the target’s shell as shown below.

To test this, type “ls” command to list the contents of the present directory.

That was all about exploiting remote code execution in IPFire Firewall. See how to hack Windows 10 with Hercules.

Want to learn Ethical Hacking with Real World Hacking Scenarios? Subscribe to our Digital Magazine Now.