Last active
August 29, 2015 14:07
-
-
Save nogweii/c411c7bf5247f52a8128 to your computer and use it in GitHub Desktop.
Quickie test for shell shock.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # A quick shell script that outputs "VULNERABLE!" if you are vulnerable, nothing | |
| # otherwise. Meant to be used as part of an automated framework. | |
| # | |
| # Based on [bashcheck](https://github.com/hannob/bashcheck). | |
| # | |
| # These tests are *incomplete!* This is missing the tests for CVE-2014-6277 & | |
| # CVE-2014-6278, as updated bashes aren't widely available yet, so they will | |
| # always trigger. | |
| # | |
| # Licensed as CC0 1.0 Universal, http://creativecommons.org/publicdomain/zero/1.0/ | |
| cd /tmp | |
| foo=0 | |
| bash=$(which bash) | |
| r=`env x="() { :; }; echo x" $bash -c "" 2>/dev/null` | |
| if [ -n "$r" ]; then | |
| foo=1 | |
| fi | |
| env x='() { function a a>\' $bash -c echo 2>/dev/null > /dev/null | |
| if [ -e echo ]; then | |
| foo=1 | |
| fi | |
| $($bash -c "true $(printf '<<EOF %.0s' {1..80})" 2>/tmp/bashcheck.tmp) | |
| ret=$? | |
| grep -q AddressSanitizer /tmp/bashcheck.tmp | |
| if [ $? == 0 ] || [ $ret == 139 ]; then | |
| foo=1 | |
| fi | |
| $bash -c "`for i in {1..200}; do echo -n "for x$i in; do :;"; done; for i in {1..200}; do echo -n "done;";done`" 2>/dev/null | |
| if [ $? != 0 ]; then | |
| foo=1 | |
| fi | |
| r=`a="() { echo x;}" $bash -c a 2>/dev/null` | |
| if [ -n "$r" ]; then | |
| foo=1 | |
| fi | |
| rm echo &>/dev/null | |
| rm /tmp/bashcheck.tmp &>/dev/null | |
| [[ $foo -eq 1 ]] && echo "VULNERABLE!" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
How to use:
Then you can compare the output of that command and see if your bash is up to date or not.