Learn Ethical Hacking and Penetration Testing Online

Learn ethical hacking, penetration testing, cyber security, best security and web penetration testing techniques from best ethical hackers in security field.

Menu

How to Fix Shellshock Bash Vulnerability Tutorial

How to Fix Shellshock Bash Vulnerability Tutorial : Shellshock or the “Bash Bug” vulnerability allows remote attackers to execute arbitrary code given certain conditions, by passing strings of code following environment variable assignments. Because of Bash’s ubiquitous status amongst Linux, BSD, and Mac OS X distributions, many computers are vulnerable to Shellshock; all unpatched Bash versions between 1.14 through 4.3 (i.e. all releases until now) are at risk. Today we will learn how to fix Shellshock bash Vulnerability on servers.

 
The Shellshock vulnerability can be exploited on systems that are running Services or applications that allow unauthorized remote users to assign Bash environment variables. Examples of exploitable systems include the following:
 
  • Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells
  • Certain DHCP clients
  • OpenSSH servers that use the ForceCommand capability
  • Various network-exposed services that use Bash
Complete description of the bug/Vulnerability can be found at CVE-2014-6271 and CVE-2014-7169.
 
How to Fix Shellshock Bash Vulnerability Tutorial
How to Fix Shellshock Bash Vulnerability Tutorial
 
 
Today i will show you how to test if your machines are vulnerable to shellshock aka Bash Bug and, if they are, how to update Bash to remove the vulnerability.
 
 

How to check that you are vulnerable to Bash bug or shellshock bash bug?

 
To check you system, first of all open the Bash prompt and execute the below command in bash prompt:
 

env X=”() { :;} ; echo Bash is Infected” /bin/sh -c “echo completed”

 
 

env X=”() { :;} ; echo Bash is Infected” `which bash` -c “echo completed”

 
 

env VAR='() { :;}; echo Bash is Infected‘ bash -c “echo completed”

 
 
If you see the output as “Bash is Infected”, your version of Bash is vulnerable and should be updated.
 
The “echo Bash is Infected” portion of the command represents where a remote attacker could inject malicious code; arbitrary code following a function definition within an environment variable assignment.
 
If your output does not include “Bash is Infected”, then you bash version is not vulnerable to Bash Bug or shellshock. It may look something like this :
 

bash: warning: VAR: ignoring function definition attempt
bash: error importing function definition for `VAR’
Bash Test

If your bash is vulnerable, then please find below tasks to fix Shellshock Bash Vulnerability.

How to test Remote sites or CGI Scripts that they are vulnerable to shellshock Bash Bug or Not?

If you want to test if websites or specific CGI scripts are vulnerable, use this online tool to test the website or script for shellshock or bash bug:
If you wish to test complete website i.e. from root, enter the website url into text box below “Test Web Site Root and Known URL Attack Points” and press begin test.
How does above scanner works?
Bash Bug scanner test a website by building a special crafted header and if it get an answer back from website, then you are vulnerable to Shellshock. We won’t collect any critical information from any scanned website.
Also, please have in mind that your website might still be vulnerable in a particular page, ussualy found in /cgi-bin/* folder or from special private file that is using bash shell commands.
If you only wish to test a specific CGI script then use the text box below “Test Specific Script URL” and press on begin test.
The above tool only uses the HTTP exploits. If you want to test your website or CGI scripts for Ping exploits, then please use below online tool :

Fix Bash Bug or Shellshock Vulnerability – Update Bash:

The easiest way to fix the vulnerability is to use your default package manager to update the version of Bash. To update Bash on various Linux distributions, including Ubuntu, Debian, CentOS, Red Hat, and Fedora please follow below instructions:

APT-GET: Ubuntu / Debian

On Ubuntu / Debian distributions, Update Bash to the latest version available via apt-get:

sudo apt-get update && sudo apt-get install –only-upgrade bash

Now check your system vulnerability again by running the command as mentioned above.

YUM: CentOS / Red Hat / Fedora

On CentOS or Red Hat or Fedora distributions, Update Bash to the latest version available via the yum:

sudo yum update bash

Now check your system vulnerability again by running the command as mentioned above.
Apple has not released the patch for OS X user yet but soon we will be having patch for Apple OS X too.
That’s it for today. If you have any issues, feel free to ask in form of comments.

Did you enjoy this post?

Would you like to join our Insider's List and be notified when we post something or get FREE exclusive content?

Join Our Insider's List

Leave a Reply

Contact Us
Privacy Policy

Disclaimer
500 Westover Dr #8208 Sanford NC 27330