I reported the Shellshock exploit IPS evasion to the vendor (McAfee – Intel Security) , uploaded a PoC video showing the exploit and which evasion technique I used , and after 154 days they replied with the fix of the issue.
- Evasion Report date: 29 February 2016
- Fix date: 1 August 2016
- Fixed Signature: HTTP: Apache mod_cgi Bash Environment Variable Code Injection
- Signature database version include the fixed sig: 126.96.36.199
After that i tried to exploit the target again using the same evasion technique and this time it was caught.