Shellshock Bug Affecting Mac And Linux Users

Discussion in 'Computers and The Internet' started by Joshua Tree, Sep 27, 2014.

  1. Joshua Tree

    Joshua Tree Remain In Light

    Messages:
    4,844
    Likes Received:
    1,630
    If you have a Mac or linux computer make sure you have applied the latest updates / patches.

    This bug allows a remote hacker to gain complete control over your system.

    Most major distributions have released patches to fix the vulnerability in the bash shell.

    http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/

    The article explains how you can check if your system is currently unsecured against this attack:

    Code:
    env X="() { :;} ; echo busted" /bin/sh -c "echo completed"
    env X="() { :;} ; echo busted" `which bash` -c "echo completed"
     
    3 people like this.
  2. AceK

    AceK Scientia Potentia Est

    Messages:
    7,824
    Likes Received:
    958
    i heard about this a few weeks ago, i think it's only exploitable if you're running a server or remote shell accounts tho (could be wrong). this actually isn't specific to MacOSX, or any particular OS, it's the [bash] shell itself which is used ... almost everywhere :yikes:

    anyways .. this is the output i got which means it's okay

    Code:
    slacker@cup-cake:/var/log$ env X="() { :;} ; echo busted" /bin/sh -c "echo completed"
    completed
    slacker@cup-cake:/var/log$ env X="() { :;} ; echo busted" `which bash` -c "echo completed"
    /bin/bash: warning: X: ignoring function definition attempt
    /bin/bash: error importing function definition for `X'
    completed
    
    this is a good example of why a system should be updated often
     
    1 person likes this.
  3. Vanilla Gorilla

    Vanilla Gorilla Go Ape

    Messages:
    30,289
    Likes Received:
    8,560
    Its not like you'd be able to run the sudo command from fluff at the end of function in an env variable though
     
  4. AceK

    AceK Scientia Potentia Est

    Messages:
    7,824
    Likes Received:
    958
    yeah, that's why the "principal of least privilage" should be used in all cases. in any case, it's dangerous because hackers will spend a lot of time trying to exploit it and fail 10,000 times and keep trying.
     
  5. Vanilla Gorilla

    Vanilla Gorilla Go Ape

    Messages:
    30,289
    Likes Received:
    8,560
    This "bug" has been in the bash shell for a while. Not really even a bug though is it, not like it really knows when to stop reading a env variable. Interesting to see what the patch is, stop readin an env variable at what character?
     
  6. AceK

    AceK Scientia Potentia Est

    Messages:
    7,824
    Likes Received:
    958
    i'm thinking at ";" .. idk .. the fact that it's in quotes is supposed to make it read the whole thing in as a string
     
  7. AceK

    AceK Scientia Potentia Est

    Messages:
    7,824
    Likes Received:
    958
    so, have any systems actually been compromised by this "in the wild"?

    edit: nevermind, i just found the answer to this .. yes it's been used.
     
  8. Joshua Tree

    Joshua Tree Remain In Light

    Messages:
    4,844
    Likes Received:
    1,630
    Yes I should have added that obviously UNIX systems are potentially vulnerable, also some wireless routers run Bash. Might be worth checking with your manufacturer for a firmware update.
     
  9. lode

    lode Banned

    Messages:
    21,697
    Likes Received:
    1,677
    Among some of the worst programming that I've seen, involved a web application running as root with a php script that directly invoked bash.

    And all just to get the PID of a program.

    Essentially anyone who could submit arbitrary data to the web application could have easily taken the the entire server.
     
  10. AceK

    AceK Scientia Potentia Est

    Messages:
    7,824
    Likes Received:
    958
    that's probably the worst thing to worry about is systems (or devices, like network equipment) that can't be easily patched.

    facepalm * 1000 ... no, times infinity (root .. for real?)

    Code:
    while (1) {
       facepalm();   
    }
    
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice