Shellshock
Mon 29 September 2014
‘Shellshock’
Bash is an environment that has been used for many years on Unix type systems namely Linux and Apple Mac (OSX). It has recently been discovered that bash can be compromised. Access is gained via server access tools like the force command feature in opens the mod_cgi and mod_cgid modules in apache web server software.
It was considered that you need only a low amount of hacking knowledge to exploit this bug, meaning that the effect would be wide spread in a very short amount of time.
This bug effect almost anything running the version of Bash that is vulnerable which is most linux systems and applemac osx
To check if you machine has the bug you can run this one line script in a terminal session.
env x=’() { :;}; echo You are vulnerable update bash NOW’ bash -c “echo If you only see me then your not vulnerable your lucky”
Fixing this is fairly easy for linux
Cent OS and Red Hat:
yum update
Debian Wheezy
apt-get update && apt-get install —only-upgrade bash
Debian Squeeze:
If the server is running squeeze then first edit /etc/apt/sources add the line
deb http://ftp.debian.org/debian squeeze-lts main contrib non-free
apt-get update && apt-get install —only-upgrade bash
Debian Lenny: (you really should upgrade
Add these two lines to /etc/apt/sources.list
deb http://archive.debian.org/debian/ lenny main deb-src http://archive.debian.org/debian/ lenny main
apt-get update && apt-get install build-essential get text bison
cd /usr/src
wget http://ftp.gnu.org/gnu/bash/bash-3.2.tar.gz
tar zxvf bash-3.2.tar.gz
cd bash-3.2
for i in $(seq -f “%03g” 1 54); do wget -nv http://ftp.gnu.org/gnu/bash/bash-3.2-patches/bash32-$i; patch -p0 < bash32-$i; done
./configure && make
make install
mv /bin/bash /bin/bash.old
cp bash /bin/bash
bash —version
Apple OSX:
first get Xcode: https://itunes.apple.com/us/app/xcode/id497799835?mt=12
run up Xcode in the gui first you will need to agree to the license first before you can run the command line tool
curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf -
cd bash-92/bash-3.2
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0; curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0 curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-054 | patch -p0
cd ..;xcodebuild
sudo cp /bin/bash /bin/bash.bak; sudo cp /bin/sh /bin/sh.bak
sudo cp build/Release/bash /bin; sudo cp build/Release/sh /bin
sudo chmod a-x /bin/bash.bak /bin/sh.bak
check its done
bash —version