
Shellshock: The Next Heartbleed?

A demonstration of the Shellshock bug. [Credit: Stan Schroeder, Mashable]

Security researchers have disclosed an extremely serious vulnerability, tracked as CVE-2014-6271, that may affect hundreds of millions of computers, servers, and other devices. The bug, nicknamed “Shellshock,” can be used to run arbitrary commands on any system where the Bash shell is started with environment variables an attacker can influence.

Bash, the “Bourne-again shell,” is the default command interpreter on most Unix-like systems. A shell mediates between the user and the operating system: it parses the commands typed at the prompt and turns them into programs the system runs. The Shellshock bug lets an attacker smuggle extra commands into that process. When Bash starts, it reads its environment variables, and any variable whose value looks like a function definition is imported as a shell function. Vulnerable versions do not stop at the end of the function body; they keep parsing and execute whatever follows it. Anything that can set an environment variable before Bash runs can therefore execute commands with the privileges of the process that launched the shell.

Mac OS X is Unix-based and Linux is a Unix-like system, and both ship Bash by default. This means that many personal devices as well as web servers have been affected.

The vulnerability affects all versions of Bash through 4.3, which covers roughly 25 years’ worth of releases. And because administrators rarely update Bash on its own, Shellshock may prove more serious than Heartbleed, which affected only a couple of years’ worth of OpenSSL versions.

A user over at serverfault.com suggests a test for the Shellshock bug. Open Terminal in Mac OS X or any Linux variant. In Terminal, first type in:

export testbug='() { :;}; echo VULNERABLE'
and press enter.

Then, type in:

bash -c "echo Hello"
(Type the quotes as plain straight quotes; the curly quotes that word processors and web pages substitute break the function definition, which is why a copy-and-paste of this snippet often does not work.) An affected version of bash will output the word “VULNERABLE” as well as “Hello.” A patched version prints only “Hello.” Afterwards, run “unset testbug” so the payload does not stay in your session.

Simply put, the first command exports a variable whose value begins with “() {”, which is the shape bash uses to pass shell functions to child processes. When the second command starts a new bash, that child imports the variable as a function named “testbug,” but a vulnerable parser does not stop at the closing brace: it goes on to execute the trailing “echo VULNERABLE” as well, so the word “VULNERABLE” is printed before “Hello.” You have, thus, exploited the Shellshock vulnerability in a harmless way. In place of “echo VULNERABLE,” an attacker could place any command, and on a web server the variable would typically arrive through an HTTP request header that the server copies into the environment of a CGI script.
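The following script, added here as a worked example and not taken from the serverfault post or from the article, packages the same check into a function that can be run against any bash binary, and adds a small simulation of the web-server path, where a request header (HTTP_USER_AGENT here) is copied into the environment before a bash CGI script runs. The variable name “probe,” the marker strings and the fake CGI script are arbitrary choices for the demonstration; the script assumes a bash binary is on PATH.

```shell
#!/bin/sh
# Added example (not from the article): a scripted Shellshock check plus a
# simulation of the CGI injection path. Assumes "bash" is on PATH; the
# variable names and marker strings are arbitrary demonstration choices.

# Decide what a probe's output means. Kept separate from running the probe
# so the classification can be checked regardless of the local bash state.
classify_probe_output() {
    case "$1" in
        *VULNERABLE*) echo "vulnerable" ;;      # trailing command was executed
        *PROBE_RAN*)  echo "not-vulnerable" ;;  # child ran, payload was ignored
        *)            echo "probe-failed" ;;    # no bash, or it did not start
    esac
}

# Run the check against a given bash binary (default: the one on PATH).
# env(1) puts the payload only in the child's environment, so the shell you
# are typing in never parses it; 2>/dev/null hides the warning that some
# patched versions print when they reject the definition.
shellshock_probe() {
    bash_bin="${1:-bash}"
    out="$(env probe='() { :;}; echo VULNERABLE' "$bash_bin" -c 'echo PROBE_RAN' 2>/dev/null)" || out=""
    classify_probe_output "$out"
}

# Simulate the web-server path: a CGI gateway copies a request header into
# HTTP_USER_AGENT and then runs a bash script. The script is a harmless
# stand-in for a real CGI handler.
cgi_simulation() {
    user_agent="$1"
    env "HTTP_USER_AGENT=$user_agent" bash -c 'printf "Content-type: text/plain\n\nhello from cgi\n"' 2>/dev/null
}

# 0: the attacker-shaped header was ignored and only the script's own output
# appeared; 1: the header's trailing command ran; 2: the simulation did not run.
cgi_header_was_inert() {
    out="$(cgi_simulation '() { :;}; echo INJECTED')" || out=""
    case "$out" in
        *INJECTED*)         return 1 ;;
        *"hello from cgi"*) return 0 ;;
        *)                  return 2 ;;
    esac
}

# Stand-alone run: report the state of the bash on PATH.
echo "shellshock probe: $(shellshock_probe)"
```

A version string is not a reliable indicator, because distributions backport the fix without bumping the version number, so run the probe rather than inspecting bash --version. And because the first round of patches was incomplete, passing this probe does not by itself prove that the follow-up fix is installed.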

The news about Shellshock was released on Wednesday. Some of the more popular Linux distributions, including Red Hat and Ubuntu, have made patches available. However, some of these patches have been reported to be incomplete. It is also expected that Apple will soon release a fix for Mac computers.

It has also been reported that attackers have started exploiting the vulnerability in the wild. That is unsurprising: the payload is a single line, and any service that copies untrusted input into an environment variable before invoking Bash, such as a web server running CGI scripts, can be hit simply by sending that line in a request.

About the Author:

Vishnu is a producer and the Chairman of the Science and Tech Department here at EB Media. He has a great fascination with technology and science. He enjoys staying up-to-date and voicing his opinions on these topics.
