SEED Project

Shellshock Attack Lab

Overview

On September 24, 2014, a severe vulnerability in Bash was identified, and it is called Shellshock. This affects many systems. The vulnerability can be easily exploited either remotely or from a local machine. In this lab, students need to work on this attack, so they can understand the Shellshock vulnerability.

Tasks (English) (Spanish)

VM version: This lab has been tested on our SEED Ubuntu-20.04 VM
Lab setup files: DO NOT unzip the file in a shared folder, as that would cause problems. Copy the zip file to another folder inside the VM, and then use the unzip command to unpack.
- Labsetup.zip
- Labsetup-arm.zip (for Apple Silicon machines)
Manual:: Docker manual

Time (Suggested)

Supervised (closely-guided lab session): 2 hours
Unsupervised (take-home project): 1 week

SEED Videos

Udemy: Computer Security: A Hands-on Approach (§ 3)

SEED Books (English) (Chinese)

Feedback and Help

	Please give us your feedback on this lab using this feedback form.
	The SEED Labs project is open source. If you are interested in contributing to this project, please check out our Github page: https://github.com/seed-labs/seed-labs.