When serious vulnerabilities like ShellShock or ImageTragick are revealed, the announcement is often accompanied by PoC code. But what are the real payloads that attackers attempt to use when exploiting these vulnerabilities? Seeing the real payloads people use is often very difficult, but CloudFlare is in a unique position. By offering security services to over 4 million websites and detecting the exploitation of vulnerabilities like ShellShock or ImageTragick, we are able to see the actual payloads that attackers are using.
by John Graham-Cumming