Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bash shell Code Injection 윤신필립 하승범. 1.What is ShellShock. 2.Background Knowledge. 3.Shellshock CVE-2014-6271 4.Additional vulnerabilities 5.Dangerousness.

Published byTheodora Hodges Modified over 9 years ago

Similar presentations

Presentation on theme: "Bash shell Code Injection 윤신필립 하승범. 1.What is ShellShock. 2.Background Knowledge. 3.Shellshock CVE-2014-6271 4.Additional vulnerabilities 5.Dangerousness."— Presentation transcript:

1 Bash shell Code Injection 윤신필립 하승범

2 1.What is ShellShock. 2.Background Knowledge. 3.Shellshock CVE-2014-6271 4.Additional vulnerabilities 5.Dangerousness of this Vulnerability. 6.Way of Solutions.

3 What is Shellshock ? CVE 2014-6271 Disclosed by Akamai Technology of Stephane Chazelas on 24 September 2014. CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, CVE-2014-6278

4 How to set environment variable?

5

6

7

8

9 Bash Architecture Run bash initialization Bash environment variable Print Bash shell prompt Wait instruction Save inst to string and parsing Run instruction

10 How to set environment variable?

11 Principle of CVE-2014-6271 Use parse_and_execute() function int parse_and_execute (string, from_file, flags) {... while (*(bash_input.location.string)) {...

12 PATCH VERSION /* Don't import function names that are invalid identifiers from the environment, though we still allow them to be defined as shell variables. */ if (legal_identifier (name)) parse_and_execute(temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FINCDEF|SEVAL_ONECMD); Principle of CVE-2014-6271 limit number of process check function

13 CVE-2014-6271 DEMO

14 Additional vulnerabilities

15 CVE-2014-7169

16 CVE-2014-7186

17 CVE-2014-6278

18 Dangerousness of this Vulnerability

19 Attacker CGI PAGE Web Server virus Server invade & Destroy DB Server Bash 실행 HTTP PACKET Malicious commands Save in Environment variable

20 Way of Solutions UPDATE sudo apt-get upgrade sudo apt-get update Fedora, Redhat sudo yum update

21 Way of Solutions OS X bash Update 1.0 Mavericks http://support.apple.com/kn/DL1769http://support.apple.com/kn/DL1769 Mountain Lion http://support.apple.com/kn/DL1768http://support.apple.com/kn/DL1768 Lion http://support.apple.com/kn/DL1767http://support.apple.com/kn/DL1767

22 Way of Solutions Troy Hunt (Tremendous in-depth primer on Shellshock) In short, the advice to consumers is this: watch for security updates, particularly on OS X. Also keep an eye on any advice you may get from your ISP or other providers of devices you have that run embedded software. Do be cautious of emails requesting information or instructing you to run software

23

Download ppt "Bash shell Code Injection 윤신필립 하승범. 1.What is ShellShock. 2.Background Knowledge. 3.Shellshock CVE-2014-6271 4.Additional vulnerabilities 5.Dangerousness."

Similar presentations

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.
Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.

By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.
NAVY Research Group Department of Computer Science Faculty of Electrical Engineering and Computer Science VŠB-TUO 17. listopadu 15 708 33 Ostrava-Poruba.

NAVY Research Group Department of Computer Science Faculty of Electrical Engineering and Computer Science VŠB-TUO 17. listopadu Ostrava-Poruba.
Network Security Overview Tales from the trenches.

Network Security Overview Tales from the trenches.
Profile-Based Web Intrusion Prevention System by Donovan Thorpe CS526 Fall 2002.

Profile-Based Web Intrusion Prevention System by Donovan Thorpe CS526 Fall 2002.
Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.

Greg Williams. IT Security Program  Objective is to maintain integrity of University systems  Minimum Security Standard.
Buffer Overflow sailaja yagnavajhala sailaja yagnavajhala.

Buffer Overflow sailaja yagnavajhala sailaja yagnavajhala.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Label production Solution with Label Gallery programs Label Gallery is used for general label design and print GalleryForm is used to create data entry.

Label production Solution with Label Gallery programs Label Gallery is used for general label design and print GalleryForm is used to create data entry.
Ruby on Rails CSCI 6314 David Gaspar Jennifer Garcia Avila.

Ruby on Rails CSCI 6314 David Gaspar Jennifer Garcia Avila.
Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.

Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.
Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer Brett Hodges April 8, 2010.

Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer Brett Hodges April 8, 2010.
Chapter 3.  Help you understand different types of servers commonly found on a network including: ◦ File Server ◦ Application Server ◦ Mail Server ◦

Chapter 3.  Help you understand different types of servers commonly found on a network including: ◦ File Server ◦ Application Server ◦ Mail Server ◦
Security of Web Technologies: WebObjects Keshava P Subramanya

Security of Web Technologies: WebObjects Keshava P Subramanya
Operating Systems. The foundation for operating system software and application software. Source:

Operating Systems. The foundation for operating system software and application software. Source:
Lecture 16 Page 1 CS 236 Online SQL Injection Attacks Many web servers have backing databases –Much of their information stored in a database Web pages.

Lecture 16 Page 1 CS 236 Online SQL Injection Attacks Many web servers have backing databases –Much of their information stored in a database Web pages.
MIS 5211.001 Week 6 Site:

MIS Week 6 Site:

Similar presentations

Ads by Google