DavidPu/updatebash

## updatebash
#!/bin/bash

VERSION=`bash --version|egrep -o "[0-9].[0-9].[0-9]+"`
echo "current bash version $VERSION"
VER="${VERSION%.*}"
echo "bash major version $VER"
PATCHLVL="${VER//.}"
echo "patch level $PATCHLVL"

echo "downloading bash source code"
wget -nv http://ftp.gnu.org/pub/gnu/bash/bash-"$VER".tar.gz
tar -xpf bash-"$VER".tar.gz
cd bash-"$VER"

echo "downloading bash patches"
for i in $(seq -f "%03g" 1 60); do
  wget -nv http://ftp.gnu.org/pub/gnu/bash/bash-"${VERSION%.*}"-patches/bash$PATCHLVL-$i
  if [ $? -ne 0 ];then
      break;
  fi
  patch -p0 < bash$PATCHLVL-$i
done

sudo apt-get build-dep bash
./configure --prefix=$PWD/out
make install
sudo mv /bin/bash{,.old}
sudo cp out/bin/bash /bin/bash

env x='() { :;}; echo vulnerable' /bin/bash.old -c echo
env x='() { :;}; echo vulnerable' bash -c echo
	#!/bin/bash

	VERSION=`bash --version\|egrep -o "[0-9].[0-9].[0-9]+"`
	echo "current bash version $VERSION"
	VER="${VERSION%.*}"
	echo "bash major version $VER"
	PATCHLVL="${VER//.}"
	echo "patch level $PATCHLVL"

	echo "downloading bash source code"
	wget -nv http://ftp.gnu.org/pub/gnu/bash/bash-"$VER".tar.gz
	tar -xpf bash-"$VER".tar.gz
	cd bash-"$VER"

	echo "downloading bash patches"
	for i in $(seq -f "%03g" 1 60); do
	wget -nv http://ftp.gnu.org/pub/gnu/bash/bash-"${VERSION%.*}"-patches/bash$PATCHLVL-$i
	if [ $? -ne 0 ];then
	break;
	fi
	patch -p0 < bash$PATCHLVL-$i
	done

	sudo apt-get build-dep bash
	./configure --prefix=$PWD/out
	make install
	sudo mv /bin/bash{,.old}
	sudo cp out/bin/bash /bin/bash

	env x='() { :;}; echo vulnerable' /bin/bash.old -c echo
	env x='() { :;}; echo vulnerable' bash -c echo