coffeemakr/bashtest.sh

## bashtest.sh
#!/bin/bash
env x='() { :;}; echo "ERROR: CVE-2014-6271 vulnerable, ShellShock"' bash -c "echo -n\"\""
foo='() { echo "ERROR: CVE-2014-6278 vulnerable"; }' bash -c foo 2> /dev/null
rm -f bash_vulnerable
X='() { function a a>\' bash -c bash_vulnerable
[ -e bash_vulnerable ] && echo "ERROR: CVE-2014-7169 vulnerable"
bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' || echo "ERROR: CVE-2014-7186 vulnerable, redir_stack"
(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash || echo "ERROR: CVE-2014-7187 vulnerable, word_lineno"
	#!/bin/bash
	env x='() { :;}; echo "ERROR: CVE-2014-6271 vulnerable, ShellShock"' bash -c "echo -n\"\""
	foo='() { echo "ERROR: CVE-2014-6278 vulnerable"; }' bash -c foo 2> /dev/null
	rm -f bash_vulnerable
	X='() { function a a>\' bash -c bash_vulnerable
	[ -e bash_vulnerable ] && echo "ERROR: CVE-2014-7169 vulnerable"
	bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' \|\| echo "ERROR: CVE-2014-7186 vulnerable, redir_stack"
	(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) \| bash \|\| echo "ERROR: CVE-2014-7187 vulnerable, word_lineno"