CVE-2014-6271 PoC — GNU Bash 远程代码执行漏洞

Source

https://github.com/renanvicente/puppet-shellshock

Associated Vulnerability

Title:GNU Bash 远程代码执行漏洞 (CVE-2014-6271)
Description:GNU Bash是美国软件开发者布莱恩-福克斯（Brian J. Fox）为GNU计划而编写的一个Shell（命令语言解释器），它运行于类Unix操作系统中（Linux系统的默认Shell），并能够从标准输入设备或文件中读取、执行命令，同时也结合了一部分ksh和csh的特点。 GNU Bash 4.3及之前版本中存在安全漏洞，该漏洞源于程序没有正确处理环境变量值内的函数定义。远程攻击者可借助特制的环境变量利用该漏洞执行任意代码。以下产品和模块可能会被利用：OpenSSH sshd中的ForceComman

Description

This module determine the vulnerability of a bash binary to the shellshock exploits (CVE-2014-6271 or CVE-2014-7169) and then patch that where possible

Readme

This module determine the vulnerability of a bash binary to the shellshock exploits (CVE-2014-6271 or CVE-2014-7169) and then patch that where possible.

Supported platforms:

* Debian (5, 6, 7)
* Ubuntus (12.04 LTS, 14.04 LTS, 14.10)
* RHEL/CentOS (5, 6)

Usage
------

```puppet
  class {'shellshock':
  }
```

Facter provided

```bash
facter -p shellshock
not_vulnerable
```

Author
------

* Renan Vicente ([@renanvicente](https://github.com/renanvicente/))

File Snapshot


 [4.0K]  /data/pocs/2b722b0c8653e1db15f85c926ed86d290a6c2c79
├── [4.0K]  lib
│   └── [4.0K]  facter
│       └── [ 140]  shellshock.rb
├── [4.0K]  manifests
│   ├── [4.0K]  fix
│   │   ├── [ 469]  package.pp
│   │   ├── [ 313]  params.pp
│   │   ├── [ 279]  repo.pp
│   │   └── [ 581]  url-package.pp
│   ├── [ 222]  fix.pp
│   └── [  22]  init.pp
├── [1.1K]  metadata.json
├── [ 459]  Modulefile
├── [ 462]  README.md
└── [4.0K]  tests
    └── [  28]  init.pp

5 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!