I have seen e.g. a Netscaler response policy which can detect if someone is
trying the shellshock bug using HTTP headers.
I am using nginx as a reverse proxy, so is there a good way to make a similar
protection using nginx features?
E.g. checking HTTP headers and drop/return 404 if shellshock code is
detected?

if, you should try to match for (regex-pattern) “() {” # since this must be written like this;
an additional space between “() {” would render the exploit
non-functional

Furthermore: you are missing all headers; attacks I’ve seen so far
worked against

- UA
- cookies
- custom headers

Customized attacks might work via POST body too, but this is not yet
confirmed.
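
An nginx configuration along the lines discussed in this thread, as an added example that is not part of the original posts: it matches the literal "() {" in the User-Agent and Cookie headers plus one named custom header and returns 404 on a hit. The header name X-Custom, the server name and the upstream address are assumptions; stock nginx has no variable covering every request header, so each header to check has to be named, and the request body is not inspected here.

```nginx
# Added example. The map block belongs in the http {} context.
# The source string joins the headers to inspect with "|" so that a match
# cannot be formed across the boundary between two header values.
# $http_x_custom is a hypothetical custom header (X-Custom); replace it with
# the headers your backend actually reads.
map "$http_user_agent|$http_cookie|$http_x_custom" $shellshock_probe {
    default      0;
    # Literal "() {" with exactly one space, as described in the reply.
    # The regex is quoted because it contains a "{" character.
    "~\(\) \{"   1;
}

server {
    listen 80;
    server_name example.test;            # assumed name

    # Evaluated before any location is chosen; "0" counts as false.
    if ($shellshock_probe) {
        return 404;
    }

    location / {
        proxy_pass http://127.0.0.1:8080;  # assumed upstream
    }
}
```

Run `nginx -t` after adding the blocks to confirm the configuration parses before reloading.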