2025-01-28 Update From: SLTechnology News&Howtos shulou
Shulou(Shulou.com)05/31 Report--
This article walks through an example of reproducing the Bash vulnerability. It has some reference value, and interested readers can refer to it. I hope you will gain a lot after reading this article.
Bourne Again Shell (Bash for short) is the most popular shell implementation on GNU/Linux. It was born in 1980. After decades of evolution, it has grown from a simple terminal command-line interpreter into a multi-function interface deeply integrated with the GNU system.
Bash is a Unix shell. The first official version, released in 1989, was originally intended for use on the GNU operating system, but it can run on most Unix-like operating systems, including Linux and Mac OS X v10.4, as the default shell. It has also been ported to Cygwin and MinGW on Microsoft Windows, and to the DJGPP project for use on MS-DOS. There are also ports to Novell NetWare and Android.
Bash can pass function definitions through environment variables, and such functions are called by their function name. The cause of the vulnerability is that after an environment variable defined with "() {" is parsed into a function, Bash does not stop, but continues to parse and execute the shell commands that follow. The core reason is that the input filtering has no strict boundary restriction and does not check whether the parameter is legal.
This article only records the reproduction of the vulnerability. The exploitation process is as follows:
1. Vulnerability environment
Link: http://192.168.101.152:8080/victim.cgi
2. Vulnerability payload
() { :;}; echo; /bin/cat /etc/passwd
In theory, you can inject a Bash command into an HTTP request for remote command execution.
3. Exploitation process
Access the target.
Replace the User-Agent value with the payload to execute the command.
User-Agent is not a necessary condition.
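For detection, the following added example (not code from the original article) scans web access logs for the "() {" marker described above in every quoted field, since User-Agent is not the only place it can appear. The log lines are constructed samples in Apache combined log format, the function names are hypothetical, and the pattern also tolerates extra whitespace before the brace as an assumption.

```shell
#!/bin/sh
# Constructed sample access log (combined format, documentation IP ranges).
sample_log() {
cat <<'EOF'
203.0.113.5 - - [28/Jan/2025:10:00:01 +0000] "GET /victim.cgi HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.9 - - [28/Jan/2025:10:00:07 +0000] "GET /victim.cgi HTTP/1.1" 200 1843 "-" "() { :;}; echo; /bin/cat /etc/passwd"
198.51.100.7 - - [28/Jan/2025:10:00:09 +0000] "GET /victim.cgi HTTP/1.1" 200 1843 "() { :;}; echo; /bin/cat /etc/passwd" "curl/8.0"
198.51.100.8 - - [28/Jan/2025:10:00:12 +0000] "GET /index.html HTTP/1.1" 200 99 "-" "check() { true; }"
EOF
}

# Read log lines on stdin and print "client_ip field" for every quoted field
# whose value BEGINS with the function-definition marker "() {".
# Splitting on the double quote puts the request line in $2, the Referer
# in $4 and the User-Agent in $6 for the combined log format.
find_function_marker() {
  awk -F'"' '
    BEGIN { name[2] = "request"; name[4] = "referer"; name[6] = "user-agent" }
    {
      split($1, head, " ")                 # head[1] is the client address
      for (i = 2; i <= NF; i++) {
        if ($i ~ /^\(\)[ \t]*[{]/) {       # anchored: "() {" at field start only
          label = (i in name) ? name[i] : ("field" i)
          print head[1], label
        }
      }
    }'
}

# Stand-alone run: report hits in the constructed sample.
sample_log | find_function_marker
```

A logged value that itself contains a double quote shifts the field positions, so treat the reported field name as a hint and review the full line.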