‘Shellshock’
Bash is a shell environment that has been used for many years on Unix-type systems, namely Linux and Apple Mac (OS X). It has recently been discovered that Bash can be compromised. Access is gained via server access tools such as the ForceCommand feature in OpenSSH and the mod_cgi and mod_cgid modules in the Apache web server software.
It was considered that you need only a low amount of hacking knowledge to exploit this bug, meaning that the effect would be widespread in a very short amount of time.
This bug affects almost anything running a vulnerable version of Bash, which means most Linux systems and Apple Mac OS X.
To check if your machine has the bug, you can run this one-line script in a terminal session:
env x='() { :;}; echo You are vulnerable update bash NOW' bash -c "echo If you only see me then you are not vulnerable, you are lucky"
Fixing this is fairly easy on Linux.
CentOS and Red Hat:
yum update
Debian Wheezy:
apt-get update && apt-get install --only-upgrade bash
Debian Squeeze:
If the server is running Squeeze, first edit /etc/apt/sources.list and add the line:
deb http://ftp.debian.org/debian squeeze-lts main contrib non-free
apt-get update && apt-get install --only-upgrade bash
Debian Lenny (you really should upgrade):
Add these two lines to /etc/apt/sources.list:
deb http://archive.debian.org/debian/ lenny main
deb-src http://archive.debian.org/debian/ lenny main
apt-get update && apt-get install build-essential gettext bison
cd /usr/src
wget http://ftp.gnu.org/gnu/bash/bash-3.2.tar.gz
tar zxvf bash-3.2.tar.gz
cd bash-3.2
for i in $(seq -f "%03g" 1 54); do wget -nv http://ftp.gnu.org/gnu/bash/bash-3.2-patches/bash32-$i; patch -p0 < bash32-$i; done
./configure && make
make install
mv /bin/bash /bin/bash.old
cp bash /bin/bash
bash --version
Apple OS X:
First get Xcode: https://itunes.apple.com/us/app/xcode/id497799835?mt=12
Start Xcode in the GUI first; you will need to agree to the license before you can run the command-line tools.
curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf -
cd bash-92/bash-3.2
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-054 | patch -p0
cd ..;xcodebuild
sudo cp /bin/bash /bin/bash.bak; sudo cp /bin/sh /bin/sh.bak
sudo cp build/Release/bash /bin; sudo cp build/Release/sh /bin
sudo chmod a-x /bin/bash.bak /bin/sh.bak
Check it's done:
bash --version
For any feedback or corrections, please write in to: Simon Quantrill