Last active
August 29, 2015 14:07
-
-
Save j1n6/f21d989f3a91f2a95562 to your computer and use it in GitHub Desktop.
shellshock script ubuntu update
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Check your release, none LTS need to apply this script | |
# lsb_release -a | |
cd /tmp && mkdir src && cd src | |
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz | |
#download all patches | |
for i in $(seq -f "%03g" 0 27); do wget http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done | |
tar zxvf bash-4.3.tar.gz && cd bash-4.3 | |
# apply all patches | |
for i in $(seq -f "%03g" 0 27);do patch -p0 < ../bash43-$i; done | |
# Build and install | |
# The installation is placed at /usr/local/bin/bash | |
./configure && make && sudo make install | |
cd /tmp | |
rm -r src | |
# Add /usr/local/bin/bash | |
# To /etc/shells | |
echo '/usr/local/bin/bash' >> /etc/shells | |
# change shell for ubuntu | |
sudo chsh -s /usr/local/bin/bash ubuntu | |
# gzip old bash for backup | |
sudo gzip /bin/bash | |
sudo mv /bin/bash.gz /bin/bash-old.gz | |
sudo ln -s /usr/local/bin/bash /bin/bash | |
# change shell for ubuntu | |
sudo chsh -s /bin/bash ubuntu | |
## still vulnerable? | |
env x='() { :;}; echo vulnerable' bash -c 'echo hello' | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment