Bash shell Code Injection 윤신필립 하승범. 1.What is ShellShock. 2.Background Knowledge. 3.Shellshock CVE-2014-6271 4.Additional vulnerabilities 5.Dangerousness.

Presentation transcript:

Bash shell Code Injection 윤신필립 하승범

1. What is ShellShock
2. Background Knowledge
3. Shellshock CVE-2014-6271
4. Additional vulnerabilities
5. Dangerousness of this Vulnerability
6. Way of Solutions

What is Shellshock? CVE Disclosed by Akamai Technology of Stephane Chazelas on 24 September CVE , CVE , CVE , CVE , CVE

How to set environment variable?

Bash Architecture
1. Run bash initialization
2. Bash environment variable
3. Print Bash shell prompt
4. Wait instruction
5. Save inst to string and parsing
6. Run instruction

How to set environment variable?

Principle of CVE
Use parse_and_execute() function

int parse_and_execute (string, from_file, flags)
{
  ...
  while (*(bash_input.location.string))
    {
      ...
    }
}

PATCH VERSION

/* Don't import function names that are invalid identifiers from the
   environment, though we still allow them to be defined as shell
   variables. */
if (legal_identifier (name))
  parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);

Principle of CVE limit number of process check function
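A simplified model of the check in the patched code above, as an added example that is not part of the original slides or of bash's source. It classifies one environment entry the way a defender would want an importer to: only a legal name with a value that is exactly one function body is accepted. classify_env_entry, body_end and the verdict names are hypothetical; legal_identifier is reimplemented here with the usual shell identifier rule, and brace matching ignores quoting.

```c
/* Added illustration, not bash source: simplified model of the import check. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>
enum verdict { PLAIN_VARIABLE, IMPORT_FUNCTION, REJECT_NAME, REJECT_MALFORMED, REJECT_TRAILING };

/* Shell identifier rule: [A-Za-z_][A-Za-z0-9_]* */
static int legal_identifier(const char *name)
{
    if (!(isalpha((unsigned char)*name) || *name == '_'))
        return 0;
    for (name++; *name; name++)
        if (!(isalnum((unsigned char)*name) || *name == '_'))
            return 0;
    return 1;
}

/* Hypothetical helper: offset just past the '}' closing the body, 0 if unbalanced. */
static size_t body_end(const char *value)
{
    int depth = 0;
    for (size_t i = 0; value[i]; i++)
        if (value[i] == '{')
            depth++;
        else if (value[i] == '}' && --depth == 0)
            return i + 1;
    return 0;
}

/* Hypothetical helper: decide what to do with one NAME=VALUE environment entry. */
enum verdict classify_env_entry(const char *name, const char *value)
{
    if (strncmp(value, "() {", 4) != 0)
        return PLAIN_VARIABLE;      /* ordinary string, never parsed as code */
    if (!legal_identifier(name))
        return REJECT_NAME;         /* the check the patched code adds */
    size_t end = body_end(value);
    if (end == 0) return REJECT_MALFORMED;
    while (isspace((unsigned char)value[end]))
        end++;                      /* only whitespace may follow the body */
    /* Stricter than stopping after one command: anything left over is refused. */
    return value[end] ? REJECT_TRAILING : IMPORT_FUNCTION;
}

int main(void)
{
    /* Constructed sample entries: a clean function, then a body with trailing text. */
    printf("%d %d\n", classify_env_entry("greet", "() { echo hello; }"),
           classify_env_entry("HTTP_USER_AGENT", "() { :; }; trailing-text"));
    return 0;
}
```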

CVE DEMO

Additional vulnerabilities

CVE

CVE

CVE

Dangerousness of this Vulnerability

Attacker CGI PAGE Web Server virus Server invade & Destroy DB Server Bash execution HTTP PACKET Malicious commands Save in Environment variable

Way of Solutions: UPDATE
sudo apt-get update
sudo apt-get upgrade
Fedora, Redhat: sudo yum update

Way of Solutions: OS X bash Update 1.0 (Mavericks, Mountain Lion, Lion)

Way of Solutions. Troy Hunt (Tremendous in-depth primer on Shellshock): In short, the advice to consumers is this: watch for security updates, particularly on OS X. Also keep an eye on any advice you may get from your ISP or other providers of devices you have that run embedded software. Do be cautious of emails requesting information or instructing you to run software