Share TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - Printable Version +- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum) +-- Forum: Attacker Zone (https://www.indonesianbacktrack.or.id/forum/forum-169.html) +--- Forum: Cracking (https://www.indonesianbacktrack.or.id/forum/forum-126.html) +--- Thread: Share TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH (/thread-6056.html) Pages:
1
2
|
TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - Ichsan Bahri - 11-05-2014 Yesterday, a serious bug affecting all versions of GNU bash was disclosed. The bug is in parsing of functions inside environment variables. Specifically, bash does not stop parsing functions at the end of the function. It will continue to execute whatever code it was given. This is remotely exploitable through any condition that allows a user to set environment variables and run bash. An example would be HTTP headers being sent before running a CGI script. Web servers pass these headers through environment variables, therefore nearly all Linux systems running CGI on webservers are vulnerable at this moment. The simplest way of getting execution through this bug is to send a malformed bash function as your user agent, like this one: PHP Code: Quote:() { :;}; YOUR COMMANDS HERE Here is a local way to check if you are vulnerable. PHP Code: Quote:env "x=() { :;}; echo vuln;" bash There is only a partial patch available at the time of this writing. To fully work around this bug for now, you'll have to set a Bourne-compatible shell as your system shell, like so: PHP Code: Quote:cd /bin; rm sh; ln -s dash sh # DO NOT DO THIS WITHOUT DASH INSTALLED. YOU WILL MESS UP YOUR SYSTEM. EDIT: Just making it clear that HTTP is not the only way to exploit this. If you are running bash on or before September 25th, 2014, you are exploitable somehow. Period. DHCP clients are affected, webservers are affected, anything that calls system() is affected, your cron scripts are potentially affected, your init scripts are potentially affected and SSHd is affected, allowing for bypass of ForceCommand directives. Even your Macbook is vulnerable. This is serious shit. Author= Reiko RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - stevennathaniel - 11-06-2014 super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya. RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - wine trochanter - 11-06-2014 ew english buatan sendiri or copas? RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - Ichsan Bahri - 11-06-2014 (11-06-2014, 12:17 AM)wine trochanter Wrote: ew english punya orang om, itu ada di paling bawah author nya, bentar om tak besarin dulu hehe RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - Ichsan Bahri - 11-06-2014 (11-06-2014, 12:15 AM)stevennathaniel Wrote: super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya. maaf, ini baru di coba karena baru temen yang kasih gini bro. jadi baca2 referensi dulu, maaf nama author nya terlalu ke bawah hehe RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - abdilahrf - 11-13-2014 (11-06-2014, 12:15 AM)stevennathaniel Wrote: super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya. bener om dom ... RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - dunkenciels - 11-13-2014 Deleted RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - tukangrujak - 11-13-2014 duh shell shocker yang bikin waw waw kasihan para admin hosting kerja extra gara gara ini ngelembur ngelembur RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - koecroet - 11-14-2014 ini copas ya ? +1 om. keep share yoo. RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - m3t4b3t4 - 11-21-2014 mantebs bro. Lebih enak pakai screenshot biar saya bs langsung praktek *manja ^_^ |