Remote Code Exploitation through Bash

http://www.infoq.com/news/2014/09/bash-remote-exploit
https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability
http://www.pcweek.ru/foss/blog/foss/6963.php
https://launchpad.net/ubuntu/+source/bash/4.3-7ubuntu1.2
https://launchpad.net/ubuntu/+source/bash/4.3-7ubuntu1.3

nodeX:~ # env VAR='() { :; }; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash Test
nodeX:~ # ssh nodeY
nodeY:~ # env VAR='() { :; }; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash is vulnerable!
Bash Test
nodeY:~ # 

http://shellshock.brandonpotter.com/
http://www.shellshocktest.com/
http://bashsmash.ccsir.org/

if you have some old / EOL release:

mkdir src
cd src
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
#download all patches
for i in $(seq -f "%03g" 0 25); do wget     http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done
tar zxvf bash-4.3.tar.gz 
cd bash-4.3
#apply all patches
for i in $(seq -f "%03g" 0 25);do patch -p0 < ../bash43-$i; done
#build and install
./configure && make && make install
cd .. 
cd ..
rm -r src

ModSecurity2 to Apache HTTP Server (CentOS)

ModSecurity supplies an array of request filtering and other security features to the Apache HTTP Server, IIS and NGINX. ModSecurity is a web application layer firewall. ModSecurity is free software released under the Apache license 2.0.

“ModSecurity2 to Apache HTTP Server (CentOS)”Continue reading

Postfix: systemd-services – mailgraph.service

File of service:
/etc/systemd/system/mailgraph.service

Activating service:

gate:/etc/systemd/system # systemctl enable mailgraph.service
ln -s ‘/etc/systemd/system/mailgraph.service’ ‘/etc/systemd/system/multi-user.target.wants/mailgraph.service’
gate:/etc/systemd/system #

Content of unit file:
“Postfix: systemd-services – mailgraph.service”Continue reading

Scroll to top