Shell Shock Vulnerability Bash
Yüklə 22,32 Kb.
|
- Bu səhifədəki naviqasiya:
- Firstly check the version of bash
- Now moving ahead we will try to fix the Vulnerability by downloading the lastest bash update
- Now Enter the Code for Test again to test if the bas is still vulnerable " env var=() { :;}; echo this is vulnerable bash -c "test"
|
Shell Shock Vulnerability Bash is a Unix shell a replacement for the Bourne shell (sh). it has been distributed widely as the shell for the GNU operating system and as a default shell on Linux and Mac OS X. It has been ported to Microsoft Windows and distributed with Cygwin and MinGW, to DOS by the DJGPP project, toNovell NetWare and to Android via various terminal emulation applications. In the late 1990s, many shells were in common use, of which Bash was a minor player, unlike presently where Bash has overwhelming favor. Bash is a command processor, typically run in a text window, allowing the user to type commands which cause actions. Bash can also read commands from a file, called a script. Like all Unix shells, it supports filename wildcarding, piping, here documents,command substitution, variables and controlstructures for condition-testing and iteration. The keywords, syntax and other basic features of the language were all copied from sh. Other features, e.g., history, were copied from csh and ksh. Bash is a POSIX shell, but with a number of extensions. Shellshock (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6377) is a vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system. Firstly check the version of bash Run command " bash -- version " 
Now Enter the Code for Test " env var='() { :;}; echo this is vulnerable' bash -c "test" " In Case we get 1." bash: var: line 0: syntax error near unexpected token `{:' bash: var: line 0: `var () {:;}; echo this is vulnerable' bash: error importing function definition for `var' "
Lets check for RHEL 6 on my VM 
Shellshock is a vulnerability in bash. In order to patch your vulnerable system, you will need to get the most up to date version of bash available from GNU.org.Depending on your package manager (yum, apt-get, etc) you may be able to just run a yum update and you'll be good to go. Now moving ahead we will try to fix the Vulnerability by downloading the lastest bash update 1. Go to "cd ~/" 2. Create a bash folder to download the update of bash by " mkdir bash" 3. move into the bash folder " cd bash " 4. As we are in the folder now download the update " wget https://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz 5. After which we will install the bash update Here below is the given screen shot
Download all the patches 
Now extract the tar file by using command " tar zxvf bash-4.3.tar.gz" move inside the bash4.3 folder and install cd bash-4.3 for i in $(seq -f "%03g" 0 26);do patch -p0 < ../bash43-$i; done ./configure && make && make install Now Enter the Code for Test again to test if the bas is still vulnerable " env var='() { :;}; echo this is vulnerable' bash -c "test" " 
As the environment variable is not being accepted by the bash shell this clears the vulnerability for my RHEL 6 version. Yüklə 22,32 Kb. Dostları ilə paylaş:
|
