The Fix of Mcafee IDS Evasion while Bash Shellshock Exploit

I reported the Shellshock exploit IPS evasion to the vendor (McAfee – Intel Security) , uploaded a PoC video showing the exploit and which evasion technique I used , and after 154 days they replied with the fix of the issue.

 

  • Evasion Report date: 29 February 2016
  • Fix date: 1 August 2016
  • Fixed Signature: HTTP: Apache mod_cgi Bash Environment Variable Code Injection
  • Signature database version include the fixed sig: 8.7.81.6

 

shellshock_fix_1

shellshock_fix_2

 

After that i tried to exploit the target again using the same evasion technique and this time it was caught.

 

Leave a Reply

Your email address will not be published.