Skip to content

Instantly share code, notes, and snippets.

@martinseener

martinseener/shellshock_patcher_sh

Last active August 29, 2015 14:06
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save martinseener/99bd94e66b4296f2ae68 to your computer and use it in GitHub Desktop.
Save martinseener/99bd94e66b4296f2ae68 to your computer and use it in GitHub Desktop.
Download ZIP
Shellshock Bash Patcher for Debian/Ubuntu (Rundeck-compatible)
Raw
shellshock_patcher_sh
#!/bin/bash
env x='() { :;}; echo vulnerable' bash -c "echo this is a test" | grep vulnerable > /dev/null 2>&1
if [ $? -eq 1 ]; then
echo "Not vulnerable. Machine is safe."
exit 0
else
echo -n "Vulnerable. Version: "
/bin/bash --version
echo "Installing patch."
sudo apt-get update && sudo apt-get install bash
if [ $? -eq 0 ]; then
echo -n "Patching complete: "
/bin/bash --version
exit 0
else
echo "Error updating bash binary. Please check it manually!!"
exit 1
fi
fi
@martinseener
Copy link
Author

How to use with Rundeck?

  1. Create a new job
  2. Insert code as "Script"
  3. Select all nodes to be checked/patched
  4. Run it!

@ahonor
Copy link

ahonor commented Sep 26, 2014

Sweet !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment