[Share] TUTORIAL "SHELLSHOCK" BASH EXPLOIT + TEMPORARY PATCH
#1
Yesterday, a serious bug affecting all versions of GNU bash was disclosed. The bug is in parsing of functions inside environment variables. Specifically, bash does not stop parsing functions at the end of the function. It will continue to execute whatever code it was given. This is remotely exploitable through any condition that allows a user to set environment variables and run bash.

An example would be HTTP headers being sent before running a CGI script. Web servers pass these headers through environment variables, therefore nearly all Linux systems running CGI on webservers are vulnerable at this moment.

The simplest way of getting execution through this bug is to send a malformed bash function as your user agent, like this one:

PHP Code:

Quote:() { :;}; YOUR COMMANDS HERE

Here is a local way to check if you are vulnerable.

PHP Code:

Quote:env "x=() { :;}; echo vuln;" bash

There is only a partial patch available at the time of this writing. To fully work around this bug for now, you'll have to set a Bourne-compatible shell as your system shell, like so:

PHP Code:

Quote:cd /bin; rm sh; ln -s dash sh

# DO NOT DO THIS WITHOUT DASH INSTALLED. YOU WILL MESS UP YOUR SYSTEM.

EDIT: Just making it clear that HTTP is not the only way to exploit this. If you are running bash on or before September 25th, 2014, you are exploitable somehow. Period. DHCP clients are affected, webservers are affected, anything that calls system() is affected, your cron scripts are potentially affected, your init scripts are potentially affected and SSHd is affected, allowing for bypass of ForceCommand directives. Even your Macbook is vulnerable. This is serious shit.

Author= Reiko

#2
super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya.

#3
ew english
buatan sendiri or copas?
ada kodok teroret teroret dipinggir kali terorret teroret mencari makan teroret teroret setiap pagi teroret teroret

visit: http://warungiso.blogspot.com/

I was not smart or special but I was unix

#4
(11-06-2014, 12:17 AM)wine trochanter Wrote: ew english
buatan sendiri or copas?

punya orang om, itu ada di paling bawah author nya, bentar om tak besarin dulu hehe

#5
(11-06-2014, 12:15 AM)stevennathaniel Wrote: super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya.

maaf, ini baru di coba karena baru temen yang kasih gini bro. jadi baca2 referensi dulu, maaf nama author nya terlalu ke bawah hehe

#6
(11-06-2014, 12:15 AM)stevennathaniel Wrote: super sekali. keep sharing. dilanjut dong tutorialnya. masa cuma cara mengecek vulnerable atau tidak sistemnya. dibikin juga petunjuk cara memanfaatkan vulnerability nya. yg lebih seru gitu. misalnya dengan memanfaatkan metasploit untuk meluncurkan serangannya.

bener om dom Big Grin ...

#7
Deleted

#8
duh shell shocker yang bikin waw waw kasihan para admin hosting kerja extra gara gara ini ngelembur ngelembur
apalah aku cuman tukang rujak keliling untuk menyambung hidup syukur syukur bisa beli range rover sport

#9
ini copas ya ? +1 om. keep share yoo.
[shcode=This_site_xss-ed]

#10
mantebs bro. Lebih enak pakai screenshot biar saya bs langsung praktek *manja ^_^






Users browsing this thread: 1 Guest(s)