ShellShock Introduction
Jie Liau @ Oct/08/2014
Introduction
● An example of an ACE (Arbitrary Code Execution) vulnerability specific to the Bash shell
– Could be leveraged by uploading/running a program that gives attackers a simple way of controlling the targeted machine
● This vulnerability had existed undiscovered since approximately version 1.13 in 1992
Cause
● Environment Variables
– When one program starts another, it provides an initial list of environment variables for the new program
– Bash
● A command interpreter
● Also a command in its own right, so it is possible to execute Bash from within itself
– Trigger point
● () { :;};
Inside Code
http://blog.erratasec.com/2014/09/the-shockingly-bad-code-of-bash.html#.VDODH-JBp2I
● The original instance can export environment variables and function definitions into the new instance.
● Function definitions are exported by encoding them within the environment variable list as variables whose values begin with parentheses ("()") followed by a function definition
● The new instance of Bash, upon starting, scans its environment variable list for values in this format and converts them back into internal functions. It performs this conversion by creating a fragment of code from the value and executing it
● Affected versions do not verify that the fragment is a valid function definition, so anything appended after the closing brace is executed as well
● The import happens in initialize_shell_variables() (variables.c)
CVE #
● CVE-2014-6271
● CVE-2014-6277
● CVE-2014-6278
● CVE-2014-7169
● CVE-2014-7186
● CVE-2014-7187
How to check
● Vulnerable Bash: # env x='() { :;}; echo 12345' bash -c 'echo 54321'
– 12345 (the trailing "echo 12345" in the variable value was executed while Bash imported it)
– 54321
● Patched Bash: # env x='() { :;}; echo 12345' bash -c 'echo 54321'
– 54321 (only the requested command runs)
Specific Exploitation Vectors (services that pass untrusted input to Bash through environment variables)
● CGI-based web server
● SSH server
● DHCP
● Email system
Vulnerable Functions by Language (each runs its command through /bin/sh, which on many systems is Bash, and the spawned shell inherits the caller's environment)
● Perl
– exec("date > /dev/null");
– open(FD, "| date > /dev/null");
– system("date > /dev/null");
– print `date > /dev/null`;
● PHP
– exec('date');
– system('date');
– mb_send_mail();
● Python
– os.system('date')
– subprocess.call('date', shell=True)
– subprocess.Popen('date', shell=True)
● Ruby
– `date`
– exec 'date'
– system 'date'
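The script below is an added example and is not part of Jie Liau's slides. It ties three slides together: it exercises the function-export mechanism described under "Inside Code", wraps the probe from "How to check" (the slides' own 12345/54321 values) in a function that classifies the installed Bash, and reports whether /bin/sh, which the exec()/system() calls listed above spawn, is actually Bash. The function names are invented for this example; the only environmental assumption is a bash binary on PATH for the first two functions.

```shell
#!/bin/sh
# Added example, not from the original slides. Assumes a "bash" binary on
# PATH for demo_function_export and shellshock_check; sh_is_bash only needs sh.

# 1. Legitimate use of the mechanism: the parent Bash exports a function and
#    the child Bash rebuilds it from its environment. This works on patched
#    and unpatched versions alike; only the variable name and the parsing of
#    its value differ between them.
demo_function_export() {
    bash -c 'hello() { echo hi; }; export -f hello; bash -c hello'
}

# 2. Show the exported function as the child process sees it. An unpatched
#    Bash exports it as "hello=() { ...", so any variable whose value starts
#    with "()" is treated as a function; a patched Bash renames the variable
#    (for example BASH_FUNC_hello%%) so ordinary variables can never be
#    mistaken for function definitions. Informational output only.
show_exported_function() {
    bash -c 'hello() { echo hi; }; export -f hello; env' | grep -i 'hello'
}

# 3. The probe from the slides. The value begins with "() { :;};", so an
#    affected Bash treats it as a function definition and, because it does
#    not stop at the closing brace, also runs the trailing "echo 12345".
#    A patched Bash prints only the command it was asked to run (54321).
shellshock_check() {
    if ! command -v bash >/dev/null 2>&1; then
        echo "no-bash"
        return 2
    fi
    out=$(env x='() { :;}; echo 12345' bash -c 'echo 54321' 2>/dev/null)
    case "$out" in
        *12345*) echo "vulnerable"; return 1 ;;
        *)       echo "patched";    return 0 ;;
    esac
}

# 4. The language functions on the "Vulnerable Functions" slide run their
#    command through /bin/sh. That only reaches the Bash importer when sh is
#    Bash, which we detect by asking sh for BASH_VERSION: Bash sets it even
#    when invoked as sh in POSIX mode, while dash, ash and ksh leave it empty.
sh_is_bash() {
    if [ -n "$(sh -c 'printf %s "${BASH_VERSION:-}"')" ]; then
        echo "yes"
    else
        echo "no"
    fi
}

# Stand-alone run: print both classifications.
printf 'bash status    : %s\n' "$(shellshock_check || :)"
printf '/bin/sh is bash: %s\n' "$(sh_is_bash)"
```

Source the file and call shellshock_check from an inventory script to get a machine-readable exit status (0 patched, 1 vulnerable, 2 no bash); pair it with sh_is_bash to decide whether the listed library calls on that host can reach the Bash parser at all.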
Demo
Conclusion
● Upgrade your bash and stay calm