>This all looks like "echo ; /bin/cat /etc/passwd" and somehow the server just s... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Thorrez on Jan 28, 2024 \| parent \| context \| favorite \| on: I looked through attacks in my access logs >This all looks like "echo ; /bin/cat /etc/passwd" and somehow the server just spitting it out. Is that really the state of web security? It's attempting to exploit a vulnerability in bash that was discovered and fixed in 2014: https://en.wikipedia.org/wiki/Shellshock_(software_bug)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact