CVE-2014-6271 PoC — GNU Bash 远程代码执行漏洞

Source

https://github.com/teedeedubya/bash-fix-exploit

Associated Vulnerability

Title:GNU Bash 远程代码执行漏洞 (CVE-2014-6271)
Description:GNU Bash是美国软件开发者布莱恩-福克斯（Brian J. Fox）为GNU计划而编写的一个Shell（命令语言解释器），它运行于类Unix操作系统中（Linux系统的默认Shell），并能够从标准输入设备或文件中读取、执行命令，同时也结合了一部分ksh和csh的特点。 GNU Bash 4.3及之前版本中存在安全漏洞，该漏洞源于程序没有正确处理环境变量值内的函数定义。远程攻击者可借助特制的环境变量利用该漏洞执行任意代码。以下产品和模块可能会被利用：OpenSSH sshd中的ForceComman

Description

Ansible role to check the CVE-2014-6271 vulnerability

Readme

# bash-fix-exploit

- A tiny role that checks to see if the CVE-2014-6271 exploit is still valid
- Use at your own risk...
- Read about the exploit here: https://community.rapid7.com/community/infosec/blog/2014/09/25/bash-ing-into-your-network-investigating-cve-2014-6271 
## Requirements

- Assumes that you're using bash as your shell

## Role Variables

- update_bash - defaults to "no". If "yes", then bash will be updated on RedHat based systems

## Dependencies

None

## Example Playbook

```yaml
- hosts: all
  sudo: yes
  roles:
    - role: bash-fix-exploit 
```

## License

MIT

## Author Information

Tony Welder
tony.wvoip@gmail.com

File Snapshot


 [4.0K]  /data/pocs/934a7d7bd71c6ccb7dea9e89e6961b906238aceb
├── [4.0K]  defaults
│   └── [  69]  main.yml
├── [1.1K]  LICENSE
├── [4.0K]  meta
│   └── [ 289]  main.yml
├── [ 646]  README.md
├── [4.0K]  tasks
│   └── [ 422]  main.yml
└── [  57]  test.yml

3 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!