> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# Shellshock (CVE-2014-6271)

> Recursos cross-platform para Shellshock (CVE-2014-6271): máquinas HTB, labs PortSwigger y rooms TryHackMe curados, con writeups validados y skills relacionadas.

# Shellshock (CVE-2014-6271)

Esta página agrega los **recursos para practicar Shellshock (CVE-2014-6271)** de forma cross-platform: máquinas retiradas de Hack The Box, labs de PortSwigger Web Security Academy y rooms de TryHackMe, más recursos curados (HackTricks, PortSwigger, etc.) y skills relacionadas.

## Recursos curados

| Fuente     | Enlace                                                                                                                                                                                                                                                                                                                   |
| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| HackTricks | [https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable\_functions-open\_basedir-bypass.html](https://book.hacktricks.wiki/en/network-services-pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass.html) |
| Exploit-DB | [https://www.exploit-db.com/exploits/34900](https://www.exploit-db.com/exploits/34900)                                                                                                                                                                                                                                   |

## Máquinas HTB que practican Shellshock (CVE-2014-6271) (3)

| Máquina                                       | SO    | Dificultad                                           |
| --------------------------------------------- | ----- | ---------------------------------------------------- |
| [Ariekei](/htb/machines/linux/insano/ariekei) | Linux | <span className="dbadge dbadge-insane">INSANE</span> |
| [Beep](/htb/machines/linux/facil/beep)        | Linux | <span className="dbadge dbadge-easy">EASY</span>     |
| [Shocker](/htb/machines/linux/facil/shocker)  | Linux | <span className="dbadge dbadge-easy">EASY</span>     |

## Labs PortSwigger que practican Shellshock (CVE-2014-6271) (1)

| Lab                                                                                             | Dificultad                                             | Topic                              | Oficial                                                                              |
| ----------------------------------------------------------------------------------------------- | ------------------------------------------------------ | ---------------------------------- | ------------------------------------------------------------------------------------ |
| [Blind SSRF with Shellshock exploitation](/portswigger/labs/ssrf/blind-shellshock-exploitation) | <span className="dbadge dbadge-easy">APPRENTICE</span> | SSRF (Server-Side Request Forgery) | [Abrir](https://portswigger.net/web-security/ssrf/blind/lab-shellshock-exploitation) |

## Skills relacionadas

* [/skills/rce](/skills/rce)

***

← [Volver al glosario completo](/glosario)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"Shellshock (CVE-2014-6271)","termCode":"shellshock","inLanguage":"es","url":"https://rootea.es/skills/shellshock","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Glosario táctico de pentesting","url":"https://rootea.es/glosario"}}`}
</script>

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"ItemList","name":"Máquinas HTB que practican Shellshock (CVE-2014-6271)","numberOfItems":3,"itemListElement":[{"@type":"ListItem","position":1,"url":"https://rootea.es/htb/machines/linux/insano/ariekei","name":"Ariekei"},{"@type":"ListItem","position":2,"url":"https://rootea.es/htb/machines/linux/facil/beep","name":"Beep"},{"@type":"ListItem","position":3,"url":"https://rootea.es/htb/machines/linux/facil/shocker","name":"Shocker"}]}`}
</script>

*Última actualización: 2026-05-08*
