Categories
News Software Technical

Vulnerable to Shellshock? Let’s find out

And here we go again. Last time it was heartbleed, now we are back with another trending name that goes by Shellshock.

This vulnerability is one; like many. Allows an attacker to inject code into your machine. This means all Linux and Mac users are at risk for attacks.

Fortunately we can check for this vulnerability, lets begin:

Open a terminal (Linux in my case) and type the following command:

env x='() { :;}; echo vulnerable’ bash -c ‘echo hello’

If you are vulnerable you will see it printed in the response. Simply put If you see “vulnerable” afterwards, you need to patch the system.

And if you are already patched from this you will see the following:

So a message to my sysadmin friends, its time to clean up.

By the way; ShellShock isn’t new, it has existed for 25 years in BASH, attackers are just now coming up with ways to exploit

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.