Skip to content

Instantly share code, notes, and snippets.

@AndrewVos

AndrewVos/fix.rb

Created Sep 24, 2014
Embed
What would you like to do?
bash-vulnerability
# ip addresses
servers = [
"1.1.1.1"
]
user = "ubuntu"
servers.each do |server|
puts server
system "scp -q -p test-for-vulnerability #{user}@#{server}:~"
vulnerable = `ssh #{user}@#{server} /home/#{user}/test-for-vulnerability`.include?("vulnerable")
if vulnerable
puts "VULNERABLE!"
system "ssh ubuntu@#{server} 'bash --version |head -n 1'"
system "ssh ubuntu@#{server} 'sudo apt-get update -y && sudo apt-get -y install bash'"
else
puts "NOT VULNERABLE!"
end
puts
end
#!/bin/bash
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
@AndrewVos

This comment has been minimized.

Copy link
Owner Author

@AndrewVos AndrewVos commented Sep 24, 2014

Notes:

  • This will not work for servers where you login as root.
  • You'll need to ssh-add all your keys.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.