{"id":1264,"date":"2014-09-27T12:56:32","date_gmt":"2014-09-27T04:56:32","guid":{"rendered":"http:\/\/www.51cos.com\/?p=1264"},"modified":"2016-12-29T01:34:03","modified_gmt":"2016-12-28T17:34:03","slug":"%e5%88%86%e4%ba%ablinux%e8%b6%85%e7%ba%a7bash%e6%bc%8f%e6%b4%9e%ef%bc%88shellshock%ef%bc%89%e4%bf%ae%e5%a4%8d%e6%96%b9%e6%b3%95%ef%bc%8c%e5%86%85%e9%99%84debian%e6%9c%8d%e5%8a%a1%e5%99%a8%e8%af%a6","status":"publish","type":"post","link":"http:\/\/www.51cos.com\/?p=1264","title":{"rendered":"[\u5206\u4eab]Linux\u8d85\u7ea7Bash\u6f0f\u6d1e\uff08Shellshock\uff09\u4fee\u590d\u65b9\u6cd5\uff0c\u5185\u9644Debian\u670d\u52a1\u5668\u8be6\u7ec6\u65b9\u6cd5"},"content":{"rendered":"

20141107\u8865\u5145\uff1a\u6709\u4eba\u5199\u4e86\u4e00\u4e2a\u811a\u672c\uff0c\u4e5f\u53ef\u4ee5\u7528\u8fd9\u4e2a\uff1ahttp:\/\/www.v2ex.com\/t\/136038<\/p>\n

\u8fd1\u65e5\uff0cLinux\u793e\u533a\u7206\u51fa\u4e86\u5173\u4e8eLinux Bash\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4f60\u8c03\u7528\u7684bash shell\u4e4b\u524d\u521b\u5efa\u7684\u7279\u6b8a\u7684\u73af\u5883\u53d8\u91cf\uff0c\u8fd9\u4e9b\u53d8\u91cf\u53ef\u4ee5\u5305\u542b\u4ee3\u7801\uff0c\u540c\u65f6\u4f1a\u88abbash\u6267\u884c\u3002\u00a0\u4e0d\u540c\u4e8e\u4e4b\u524d\u7684SSL\u7684HeartBlood\u6f0f\u6d1e\uff0c\u8fd9\u4e2aBash\u6f0f\u6d1e\u80fd\u8ba9\u9ed1\u5ba2\u901a\u8fc7\u5d4c\u5165\u6076\u610f\u547d\u4ee4\u5b8c\u5168\u63a7\u5236\u76ee\u6807\u673a\u5668\uff0c\u800c\u4e0d\u50cfHeartBlood\u53ea\u662f\u53ef\u4ee5\u55c5\u63a2\u654f\u611f\u4fe1\u606f\u3002<\/p>\n

\u5bf9\u4e8e\u6240\u6709\u5b89\u88c5GNU\u00a0bash\u00a0\u7248\u672c\u5c0f\u4e8e\u6216\u8005\u7b49\u4e8e4.3\u7684Linux\u64cd\u4f5c\u7cfb\u7edf\u90fd\u5e94\u8be5\u68c0\u6d4b\u5e76\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u4ee5\u514d\u9020\u6210\u4e0d\u5fc5\u8981\u7684\u635f\u5931\u3002<\/p>\n

\u68c0\u6d4b\u65b9\u6cd5\uff1a<\/h1>\n

\u547d\u4ee4\u884c\u4e2d\u8f93\u5165\uff1a<\/p>\n

env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"<\/p>\n
\u5982\u679c\u663e\u793a\u4e86\u5982\u4e0b\u7ea2\u8272\u52a0\u7c97\u5185\u5bb9\uff0c\u8bf4\u660e\u4f60\u7684linux\u7cfb\u7edf\u5b58\u5728\u8be5\u6f0f\u6d1e\uff0c\u8bf7\u7acb\u5373\u4fee\u590d\u3002<\/p>\n
vulnerable<\/strong><\/span>
\nthis is a test<\/p>\n
 <\/p>\n
\u4fee\u8865\u65b9\u6848:<\/h1>\n
Centos\u4fee\u8865\u65b9\u6848(\u6267\u884c\u5982\u4e0b\u547d\u4ee4\uff0c\u4e0d\u7528\u91cd\u542f)\uff1a<\/p>\n
yum clean all
\nyum makecache
\nyum -y update bash <\/p>\n
Ubuntu\u4fee\u8865\u65b9\u6848(\u6267\u884c\u5982\u4e0b\u547d\u4ee4\uff0c\u4e0d\u7528\u91cd\u542f)\uff1a<\/p>\n
apt-get update
\napt-get -y install --only-upgrade bash  <\/p>\n
Debian\u7a0d\u5fae\u590d\u6742\u4e00\u70b9<\/p>\n
\u5148\u8f93\u5165\u5982\u4e0b\u547d\u4ee4\u67e5\u770bDebian\u7cfb\u7edf\u7248\u672c\u53f7\uff1a<\/p>\n
cat \/etc\/issue<\/p>\n
\u6bd4\u5982\u6211\u7684\u662fDebian GNU\/Linux 7<\/span> \\n \\l<\/p>\n
 <\/p>\n
\u518d\u67e5\u770b\u662f32bit\u8fd8\u662f64bit\u7684<\/p>\n
file \/bin\/ls
\n\/bin\/ls: ELF 64-bit<\/span> LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU\/Linux 2.6.26, BuildID[sha1]=0x55f1e005df252708d4c456dcc2c7dccea1006553, stripped<\/p>\n
 <\/p>\n
debian: 7.X 64bit && 32bit \u00a0(\u6700\u7ec8\u89e3\u51b3\u65b9\u6848)<\/b><\/p>\n
apt-get update
\napt-get -y install --only-upgrade bash  <\/p>\n
 <\/p>\n
6.0.x 64bit<\/p>\n
wget http:\/\/mirrors.aliyun.com\/debian\/pool\/main\/b\/bash\/bash_4.1-3+deb6u2_amd64.deb
\ndpkg -i bash_4.1-3+deb6u2_amd64.deb  <\/p>\n
6.0.x 32bit<\/p>\n
wget http:\/\/mirrors.aliyun.com\/debian\/pool\/main\/b\/bash\/bash_4.1-3+deb6u2_i386.deb
\ndpkg -i bash_4.1-3+deb6u2_i386.deb <\/p>\n
 <\/p>\n
\u6700\u540e\u786e\u8ba4\u662f\u5426\u4fee\u590d\uff0c\u8f93\u5165<\/p>\n
env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"<\/p>\n
\u5982\u679c\u770b\u4e0d\u5230vulnerable\uff0c\u5c31\u8bf4\u660e\u4fee\u590d\u6210\u529f\u4e86\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
20141107\u8865\u5145\uff1a\u6709\u4eba\u5199\u4e86\u4e00\u4e2a\u811a\u672c\uff0c\u4e5f\u53ef\u4ee5\u7528\u8fd9\u4e2a\uff1ahttp:\/\/www.v2ex.com\/t\/136038 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-1264","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"http:\/\/www.51cos.com\/index.php?rest_route=\/wp\/v2\/posts\/1264","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.51cos.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.51cos.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.51cos.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.51cos.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1264"}],"version-history":[{"count":1,"href":"http:\/\/www.51cos.com\/index.php?rest_route=\/wp\/v2\/posts\/1264\/revisions"}],"predecessor-version":[{"id":2040,"href":"http:\/\/www.51cos.com\/index.php?rest_route=\/wp\/v2\/posts\/1264\/revisions\/2040"}],"wp:attachment":[{"href":"http:\/\/www.51cos.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1264"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.51cos.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1264"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.51cos.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1264"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}