-1

I want to know about "Shellshock bug" and therefore I would like to ask some questions:

  1. Is this bug still a real threat today (in 2016)?
  2. What damage can be done using this exploit?
  3. How many systems could be affected by this?
  4. How exactly the attack works? By that I mean, how a malicious user, could get access to bash to use evil commands?

Thank you, in advance.

d1str0
  • 2,348
  • 14
  • 24
user103913
  • 15
  • This is a well-known bug, and there are tons of sources that answer all your questions. What research have you performed? – schroeder Mar 09 '16 at 20:07

1 Answers1

0

First of all, Shellshock is a family of vulnerabilities not just one (CVE-2014-6271. CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, and CVE-2014-718)

-it affects the Unix and Unix like systems. From Semantics

The vulnerability affects Bash, a common component known as a shell that appears in many versions of Linux and Unix. Bash acts as a command language interpreter. In other words, it allows the user to type commands into a simple text-based window, which the operating system will then run.

Bash can also be used to run commands passed to it by applications and it is this feature that the vulnerability affects

1) if you're using vulnerable version of bash (component of the OS that takes commands from you and passes it to the Kernel and return the output) Then yes, you are vulnerable

2) could allow an attacker to gain control over a targeted computer if exploited successfully.

3)

Shellshock could potentially compromise millions of unpatched servers and other systems. Accordingly, it has been compared to the Heartbleed bug in its severity

The Shellshock problem is an example of an arbitrary code execution (ACE) vulnerability. Typically, ACE vulnerability attacks are executed on programs that are running, and require a highly sophisticated understanding of the internals of code execution, memory layout, and assembly language—in short, this type of attack requires an expert. Attacker will also use an ACE vulnerability to upload or run a program that gives them a simple way of controlling the targeted machine. This is often achieved by running a "shell". A shell is a command-line where commands can be entered and executed.

4)

The vulnerability lies in the fact that an attacker can tack-on malicious code to the environment variable, which will run once the variable is received.

More read : http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability

https://blog.cloudflare.com/inside-shellshock/

http://resources.infosecinstitute.com/practical-shellshock-exploitation-part-1/

http://resources.infosecinstitute.com/practical-shellshock-exploitation-part-2/

HSN
  • 968
  • 5
  • 14