+- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum)
+-- Forum: Attacker Zone (https://www.indonesianbacktrack.or.id/forum/forum-169.html)
+--- Forum: Cracking (https://www.indonesianbacktrack.or.id/forum/forum-126.html)
+--- Thread: Share TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH (/thread-6056.html)
Pages:
1
2
TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - Ichsan Bahri - 11-05-2014
Yesterday, a serious bug affecting all versions of GNU bash was disclosed. The bug is in parsing of functions inside environment variables. Specifically, bash does not stop parsing functions at the end of the function. It will continue to execute whatever code it was given. This is remotely exploitable through any condition that allows a user to set environment variables and run bash.
An example would be HTTP headers being sent before running a CGI script. Web servers pass these headers through environment variables, therefore nearly all Linux systems running CGI on webservers are vulnerable at this moment.
The simplest way of getting execution through this bug is to send a malformed bash function as your user agent, like this one:
PHP Code:
Quote:() { :;}; YOUR COMMANDS HERE
Here is a local way to check if you are vulnerable.
PHP Code:
Quote:env "x=() { :;}; echo vuln;" bash
There is only a partial patch available at the time of this writing. To fully work around this bug for now, you'll have to set a Bourne-compatible shell as your system shell, like so:
PHP Code:
Quote:cd /bin; rm sh; ln -s dash sh
# DO NOT DO THIS WITHOUT DASH INSTALLED. YOU WILL MESS UP YOUR SYSTEM.
EDIT: Just making it clear that HTTP is not the only way to exploit this. If you are running bash on or before September 25th, 2014, you are exploitable somehow. Period. DHCP clients are affected, webservers are affected, anything that calls system() is affected, your cron scripts are potentially affected, your init scripts are potentially affected and SSHd is affected, allowing for bypass of ForceCommand directives. Even your Macbook is vulnerable. This is serious shit.
Author= Reiko
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - stevennathaniel - 11-06-2014
super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya.
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - wine trochanter - 11-06-2014
ew english
buatan sendiri or copas?
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - Ichsan Bahri - 11-06-2014
(11-06-2014, 12:17 AM)wine trochanter Wrote: ew english
buatan sendiri or copas?
punya orang om, itu ada di paling bawah author nya, bentar om tak besarin dulu hehe
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - Ichsan Bahri - 11-06-2014
(11-06-2014, 12:15 AM)stevennathaniel Wrote: super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya.
maaf, ini baru di coba karena baru temen yang kasih gini bro. jadi baca2 referensi dulu, maaf nama author nya terlalu ke bawah hehe
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - abdilahrf - 11-13-2014
(11-06-2014, 12:15 AM)stevennathaniel Wrote: super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya.
bener om dom
...
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - dunkenciels - 11-13-2014
Deleted
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - tukangrujak - 11-13-2014
duh shell shocker yang bikin waw waw kasihan para admin hosting kerja extra gara gara ini ngelembur ngelembur
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - koecroet - 11-14-2014
ini copas ya ? +1 om. keep share yoo.
RE: TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH - m3t4b3t4 - 11-21-2014
mantebs bro. Lebih enak pakai screenshot biar saya bs langsung praktek *manja ^_^