John Jeong (talk | contribs) (→See also) |
Jmnote bot (talk | contribs) m (bot: automatic text replacement (-<source +<syntaxhighlight )) |
Revision as of 00:40, 2 November 2020 (Mon)
1 Overview
- Shellshock
- [CVE-2014-6271] GNU Bash remote code injection vulnerability: how to check for it and fix it
- September 2014 security update for the Bourne Again Shell (Bash) vulnerability
- Korean spellings 쉘쇼크, 셸쇼크; how to fix and mitigate Shellshock
- CentOS 6: bash-4.1.2-15.el6_4.x86_64 → bash-4.1.2-15.el6_5.2.x86_64
- CentOS 7: bash-4.2.45-5.el7.x86_64 → bash-4.2.45-5.el7_0.4.x86_64
- These are the first fixed packages. Any later bash package (for example the bash-4.1.2-29.el6 that yum installs in the update section of this page) contains the fix as well, so compare versions with rpm's ordering rather than looking for an exact string.
2 How to check
Run the three tests below on the machine being checked, against the bash that services actually use (on CentOS, /bin/sh is bash, which is why the second test deliberately calls sh). The first test is the original Shellshock bug, CVE-2014-6271: bash executes whatever follows a function definition imported from an environment variable.
<syntaxhighlight lang='bash'>
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
</syntaxhighlight>
The second test is for CVE-2014-7169, the bug left behind by the first patch: the parse error on the function body leaves a `>` redirection pending, so the next command `echo date` is parsed as `> echo date`, which executes date and writes its output to a file named echo in the current directory. Run it in a scratch directory, since it deletes any existing file named echo there.
<syntaxhighlight lang='bash'>
rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
</syntaxhighlight>
The third test is for CVE-2014-7187, an off-by-one in the parser's word_lineno handling: 200 nested for loops make a vulnerable bash abort with a syntax error, so bash exits nonzero and the echo after `||` fires.
<syntaxhighlight lang='bash'>
(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
echo "CVE-2014-7187 vulnerable, word_lineno"
</syntaxhighlight>
3 Check 1 (vulnerable)
<syntaxhighlight lang='console'>
[root@zetawiki ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
</syntaxhighlight>
- → the injected `echo vulnerable` was executed, so this bash is vulnerable
<syntaxhighlight lang='console'>
[root@zetawiki ~]# rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
sh: X: line 1: syntax error near unexpected token `='
sh: X: line 1: `'
sh: error importing function definition for `X'
Sun Feb 15 18:41:31 KST 2015
</syntaxhighlight>
- → the `date` command ran and a file named echo was created (the last line is `cat echo` printing its contents), so this bash is vulnerable
<syntaxhighlight lang='console'>
[root@zetawiki ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
> echo "CVE-2014-7187 vulnerable, word_lineno"
bash: line 129: syntax error near `x129'
bash: line 129: `for x129 in ; do :'
CVE-2014-7187 vulnerable, word_lineno
</syntaxhighlight>
- → bash aborted with a syntax error, so the `echo "CVE-2014-7187 ..."` after `||` ran, so this bash is vulnerable
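The three checks above wrapped into one script, as an added example that is not from the original page or from the bash project. It runs each test against a bash binary named on the command line (defaulting to `bash` on PATH) and reports per CVE, so the same script can be pointed at /bin/sh, at a chroot, or at a bash copied out of a container image. The function names, the exit codes (0 clean, 1 vulnerable, 2 could not run) and the scratch-directory handling for the CVE-2014-7169 test are this example's own choices.

```shell
#!/bin/sh
# Added example (not code from the original page): run the three Shellshock
# checks shown above against one bash binary and report the result per CVE.
# Usage: sh shellshock_check.sh [/path/to/bash]   (defaults to "bash" on PATH)
# shellshock_check returns 0 = no check fired, 1 = at least one check
# indicates vulnerability, 2 = the shell could not be executed.

# CVE-2014-6271: a command appended to a function definition in the
# environment is executed while the shell imports the function.
check_6271() {
  out=$(env x='() { :;}; echo vulnerable' "$1" -c "echo this is a test" 2>&1) || true
  case $out in
    *vulnerable*) return 1 ;;   # the injected "echo vulnerable" ran
    *)            return 0 ;;
  esac
}

# CVE-2014-7169: the parse error on the function body leaves a '>' pending,
# so "echo date" runs as "> echo date": date executes and writes a file named
# echo. Done in a scratch directory so a stray file cannot fool the check.
check_7169() {
  dir=$(mktemp -d 2>/dev/null) || { dir=./.shellshock.$$; mkdir "$dir" || return 2; }
  ( cd "$dir" && env X='() { (a)=>\' "$1" -c "echo date" >/dev/null 2>&1 ) || true
  if [ -e "$dir/echo" ]; then rc=1; else rc=0; fi
  rm -rf "$dir"
  return "$rc"
}

# CVE-2014-7187: 200 nested for-loops; a bash with the word_lineno off-by-one
# bug aborts with a syntax error part-way and so exits nonzero.
check_7187() {
  script=$(
    i=1; while [ "$i" -le 200 ]; do echo "for x$i in ; do :"; i=$((i + 1)); done
    i=1; while [ "$i" -le 200 ]; do echo done; i=$((i + 1)); done
  )
  if printf '%s\n' "$script" | "$1" >/dev/null 2>&1; then
    return 0
  else
    return 1
  fi
}

# Run all three checks against the given shell and print one line per CVE.
shellshock_check() {
  shell=$1
  case $shell in
    */*) ;;                                   # explicit path, use as given
    *)   shell=$(command -v "$shell") || { echo "no such shell: $1" >&2; return 2; } ;;
  esac
  "$shell" -c true >/dev/null 2>&1 || { echo "cannot execute $shell" >&2; return 2; }
  status=0
  for cve in 6271 7169 7187; do
    "check_$cve" "$shell"; rc=$?
    case $rc in
      0) echo "CVE-2014-$cve: not vulnerable" ;;
      1) echo "CVE-2014-$cve: VULNERABLE"; status=1 ;;
      *) echo "CVE-2014-$cve: check could not run"
         if [ "$status" -eq 0 ]; then status=2; fi ;;
    esac
  done
  return "$status"
}

shellshock_check "${1:-bash}"
```

Point it at every shell binary that network-facing code can reach (CGI handlers, DHCP client hooks, `ForceCommand` wrappers, cron): the patched /bin/bash on a host says nothing about an older bash baked into a container or chroot.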
4 Checking the Bash version

CentOS 5:
<syntaxhighlight lang='console'>
[root@zetawiki ~]# rpm -qa | grep bash
bash-3.2-32.el5
</syntaxhighlight>
CentOS 6, before the update (this is the el6_4 package the overview lists as vulnerable):
<syntaxhighlight lang='console'>
[root@zetawiki ~]# rpm -qa | grep bash
bash-4.1.2-15.el6_4.x86_64
</syntaxhighlight>
5 Updating Bash
<syntaxhighlight lang='console'>
[root@zetawiki ~]# yum update bash
... (omitted)
====================================================
 Package        Arch        Version            Repository    Size
====================================================
Updating:
 bash           x86_64      4.1.2-29.el6       base          907 k

Transaction Summary
====================================================
Upgrade       1 Package(s)

Total download size: 907 k
Is this ok [y/N]: y
</syntaxhighlight>
<syntaxhighlight lang='console'>
... (omitted)
Updated:
  bash.x86_64 0:4.1.2-29.el6

Complete!
</syntaxhighlight>
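To make the version check in the two sections above scriptable, here is an added example (not from the page, and not RPM's own code) that takes the package name exactly as `rpm -q bash` prints it and compares it against the CentOS 6 and CentOS 7 fixed releases listed in the overview, using rpmvercmp's ordering rules reimplemented in POSIX sh. The function names, the arch-suffix stripping and the decision to report el5 as "unknown" (the page gives no fixed el5 version) are this example's own assumptions; the tilde and caret rules of rpmvercmp are left out because none of these versions use them.

```shell
#!/bin/sh
# Added example (not code from the original page): decide from the package
# name printed by `rpm -q bash` whether the installed bash is at or past the
# fixed release for its CentOS generation, using the fixed versions the page
# lists for CentOS 6 and 7. Ordering follows rpmvercmp: split on
# non-alphanumerics and on digit/letter boundaries, compare numeric segments
# as integers and alphabetic ones as strings, a numeric segment beats an
# alphabetic one, and whoever has segments left over is newer.

# Split a version or release string into rpmvercmp segments,
# e.g. "15.el6_5.2" -> "15 el 6 5 2".
rpm_segments() {
  printf '%s\n' "$1" | sed \
    -e 's/[^[:alnum:]][^[:alnum:]]*/ /g' \
    -e 's/\([[:digit:]]\)\([[:alpha:]]\)/\1 \2/g' \
    -e 's/\([[:alpha:]]\)\([[:digit:]]\)/\1 \2/g' \
    -e 's/^ //' -e 's/ $//'
}

# Print -1, 0 or 1 for a < b, a = b, a > b (one version or release part).
rpm_vercmp() {
  a=$(rpm_segments "$1")
  b=$(rpm_segments "$2")
  while [ -n "$a" ] && [ -n "$b" ]; do
    x=${a%% *}; y=${b%% *}
    case $a in *" "*) a=${a#* } ;; *) a= ;; esac
    case $b in *" "*) b=${b#* } ;; *) b= ;; esac
    case $x in *[!0-9]*) xnum=0 ;; *) xnum=1 ;; esac
    case $y in *[!0-9]*) ynum=0 ;; *) ynum=1 ;; esac
    if [ "$xnum" -eq 1 ] && [ "$ynum" -eq 1 ]; then
      x=$(printf '%s' "$x" | sed 's/^0*//'); [ -n "$x" ] || x=0
      y=$(printf '%s' "$y" | sed 's/^0*//'); [ -n "$y" ] || y=0
      if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
      if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
    elif [ "$xnum" -ne "$ynum" ]; then
      # a numeric segment is newer than an alphabetic one
      if [ "$xnum" -eq 1 ]; then printf '%s\n' 1; else printf '%s\n' -1; fi
      return
    elif [ "$x" != "$y" ]; then
      if [ "$(printf '%s\n%s\n' "$x" "$y" | LC_ALL=C sort | head -n 1)" = "$x" ]; then
        printf '%s\n' -1
      else
        printf '%s\n' 1
      fi
      return
    fi
  done
  if [ -n "$a" ]; then printf '%s\n' 1; elif [ -n "$b" ]; then printf '%s\n' -1; else printf '%s\n' 0; fi
}

# Compare two "version-release" strings, e.g. 4.1.2-15.el6_4 vs 4.1.2-15.el6_5.2.
rpm_evr_cmp() {
  c=$(rpm_vercmp "${1%%-*}" "${2%%-*}")
  if [ "$c" -ne 0 ]; then printf '%s\n' "$c"; return; fi
  rpm_vercmp "${1#*-}" "${2#*-}"
}

# Classify an NVR such as bash-4.1.2-15.el6_4.x86_64. Prints "fixed",
# "vulnerable" or "unknown" (no fixed version on the page for that release)
# and returns 0, 1 or 2 respectively.
bash_rpm_is_fixed() {
  vr=${1#bash-}
  for arch in x86_64 i686 i386 noarch; do vr=${vr%.$arch}; done
  case $vr in
    *.el6*) fixed=4.1.2-15.el6_5.2 ;;   # CentOS 6 fixed package, from the page
    *.el7*) fixed=4.2.45-5.el7_0.4 ;;   # CentOS 7 fixed package, from the page
    *)      printf 'unknown\n'; return 2 ;;
  esac
  if [ "$(rpm_evr_cmp "$vr" "$fixed")" -ge 0 ]; then
    printf 'fixed\n'; return 0
  fi
  printf 'vulnerable\n'; return 1
}

# Constructed sample input: the package names that appear on this page.
for nvr in bash-4.1.2-15.el6_4.x86_64 bash-4.1.2-15.el6_5.2.x86_64 \
           bash-4.1.2-29.el6.x86_64 bash-4.2.45-5.el7.x86_64 \
           bash-4.2.45-5.el7_0.4.x86_64 bash-3.2-32.el5; do
  printf '%-32s %s\n' "$nvr" "$(bash_rpm_is_fixed "$nvr")"
done
```

Because rpm's own ordering is used, the bash-4.1.2-29.el6 that the yum output above installs is classed as fixed even though it is not the exact string the overview names, while the el6_4 and plain el7 packages are reported as vulnerable. On a real host feed it `"$(rpm -q bash)"` instead of the constructed list.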
6 Check 2 (safe)
<syntaxhighlight lang='console'>
[root@zetawiki ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test
</syntaxhighlight>
- → only `this is a test` was printed; the injected `echo vulnerable` did not run
<syntaxhighlight lang='console'>
[root@zetawiki ~]# rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
date
cat: echo: No such file or directory
</syntaxhighlight>
- → `echo date` printed the literal word date and no file named echo was created
<syntaxhighlight lang='console'>
[root@zetawiki ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
> echo "CVE-2014-7187 vulnerable, word_lineno"
</syntaxhighlight>
- → bash parsed the 200 nested loops without error, so the `echo` after `||` did not run
7 See also
8 References