Temporarily disable shellshock reporting its vulnerable pages

2017-09-28 14:43:08 +03:00 · 2017-09-28 14:43:08 +03:00 · 174c74cbcb
parent cf9fa82b67
commit 174c74cbcb
1 changed files with 2 additions and 1 deletions
--- a/chaos_monkey/exploit/shellshock.py
+++ b/chaos_monkey/exploit/shellshock.py
@ -64,7 +64,8 @@ class ShellShockExploiter(HostExploiter):

        # we want to report all vulnerable URLs even if we didn't succeed
        # let's overload this
-        [self.report_vuln_shellshock(host, url) for url in exploitable_urls]
+        # TODO: uncomment when server is ready for it
+        # [self.report_vuln_shellshock(host, url) for url in exploitable_urls]

        # now try URLs until we install something on victim
        for _, url, header, exploit in exploitable_urls: