Friday 26 September 2014

Shellshock

A newly discovered bug seems to be taking the whole security and hacker communities into uproar. A huge number of posts and talks are going on in many channels. For those who haven't heard about it, it is the bash bug which affects basically almost all systems that the world depends on.

What is the bash bug? To answer that, first you need to know what bash is.

"bash" stands for "Bourne-Again SHell" and is the most common type of shell on any linux or mac or unix related system. This basically includes almost all servers, and can go on all the way to smart lighting (those crazy lightbulbs whose colour can be controlled by your smart phone). If you've ever seen anyone use a black screen with white text on it, chances are you've seen either the Windows Command Prompt or a shell. A shell basically allows you to type commands to execute programs on a computer.

The bash bug is basically a bug that has been found in this very commonly used shell. The bug was discovered by Stéphane Chazelas, a French IT manager working for a software maker in Scotland, and was first disclosed on 24th September 2014. It basically allows for arbitrary code execution. Turns out that this bug has existed since the very first version of bash (25 years ago!!!). The bug has been nicknamed "Shellshock" and is regarded to be severe since CGI scripts using bash can be vulnerable. It is caused due to

However, this is where the open source community comes into play. Within a very short time frame, a patch has been released already and many systems are no longer vulnerable to this bug. As of now, my system is no longer vulnerable only because I continuously keep updating my PC.

How to test if you're vulnerable?
Just run the following code in your terminal:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If your system is vulnerable, it'll tell you vulnerable, otherwise it will show an error message.

If you want to know more, visit the Wikipedia page on the bug at Shellshock

Just to mention this here: This is the only severe bug I've personally seen on linux that has such a massive impact, and even then, it got fixed almost instantly. I love the way the open source community works so quickly. :)

No comments:

Post a Comment

Note: only a member of this blog may post a comment.