Archive for October 2014

vg.no ctf2?

By running “curl www.vg.no -I”, I ended up with this header:

By the looks of it, this reminds me of a encoded URL string, that hopefully leads to something funny.

Shellshock

The current bash exploit has been expanded, both to bypass new patches and abuse new services. As an example, some FTP servers under the right circumstances may be affected by this. As for Perl, many scripts rely on the functions/variables…Continue Reading →