shellshock


By now, everybody should know what the Shellshock vulnerability is. For newcomers who have no idea what it is, the Shellshock vulnerability affects Bash (the same program you encounter regularly if you are a Linux user; yes, I’m talking about the shell or terminal). Using this vulnerability, hackers can make affected versions of Bash execute commands written by them.

All versions of the IPFire firewall before 2.15 (including this one) are vulnerable to the Shellshock vulnerability. Now let’s see how to exploit this vulnerability using Metasploit. This exploit needs credentials. Start Metasploit and load the exploit as shown below. As you can see, there is only one payload for this exploit, i.e. one command, as explained above.

[Screenshot: shellshock1]

Set the required options as shown below. Use the check command to see if the target is vulnerable.

[Screenshot: shellshock2]

Set the command you want to run on the target machine. I set the command to view the /etc/passwd file of our target. You can set any command you want to run.

[Screenshot: shellshock3]

How to fix this:

By now, most machines may have been patched against this vulnerability. To stay safe, use the following command to check for it.

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If your machine is vulnerable, you should get “vulnerable” displayed as shown below.

[Screenshot: shellshock4]

If it’s not vulnerable, you will get the result as shown below.

[Screenshot: shellshock5]

If you are using the Nessus vulnerability scanner, there is a special Bash Shellshock detection to check for this vulnerability on multiple devices.

[Screenshot: shellshock6]

If your Bash version is vulnerable, update Bash.
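
The manual env check above can be wrapped so that it tests every Bash binary on a host and returns an exit status a patch-verification job can act on. This is an added example, not part of the original post; the function names, the marker string and the candidate paths are assumptions.

```shell
#!/bin/sh
# Added example. check_bash, audit_bash and SHELLSHOCK_MARKER are names
# chosen for this sketch, not part of any tool mentioned in the post.

# Print one of: vulnerable | patched | missing | unknown
check_bash() {
    bash_bin=${1:-bash}
    # An absent or non-executable path must not be reported as "patched".
    if ! command -v "$bash_bin" >/dev/null 2>&1; then
        echo missing
        return 2
    fi
    # Same probe as the post's one-liner: an environment variable holding a
    # function definition followed by extra code. A vulnerable Bash runs the
    # extra echo while importing x; a patched one only runs the -c command.
    out=$(env x='() { :;}; echo SHELLSHOCK_MARKER' \
          "$bash_bin" -c 'echo probe-done' 2>/dev/null) || true
    case $out in
        *SHELLSHOCK_MARKER*) echo vulnerable; return 1 ;;
        *probe-done*)        echo patched;    return 0 ;;
        *)                   echo unknown;    return 3 ;;
    esac
}

# Check each path given; print "path<TAB>status"; return 1 if any is vulnerable.
audit_bash() {
    rc=0
    for b in "$@"; do
        result=$(check_bash "$b") || true
        printf '%s\t%s\n' "$b" "$result"
        if [ "$result" = vulnerable ]; then rc=1; fi
    done
    return "$rc"
}

# Candidate locations are assumptions; adjust to the hosts being audited.
audit_bash /bin/bash /usr/bin/bash /usr/local/bin/bash \
    || echo "update Bash on this host"
```

A "missing" or "unknown" result is reported separately so that a host without Bash at a given path is not counted as patched.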