EurAsiayour console hacking resource
Select topic
  Create an account Home  ·  Your Account  ·  Online Shop  ·  Forums  ·  Downloads new  ·  Wiki  
Main Menu
· Home
· About Us
· Downloads
· FAQ
· Forums
· Info Pages
· Members List
· Online Shop
· PDA - AvantGo
· Private Messages
· Search Stories
· Statistics
· Stories Archive
· Submit Story
· Top 10
· Topics
· Upload
· WAP
· Web Links
· Wiki
· Your Account
· Switch to HTTPS!

Online Shop
Credit Card

Bitcoin

EurAsia Online Shop
enter

new products
· X360ACE V5
· R4i Gold 3DS Plus
· HAKKO SSPON 18G
· NS-Atmosphere
· PsNee modchip PSX
· Mars Pro GM-816HD
· EurAsia File Collection 2017
· Matrix Infinity 2.0
· Modbo 5.0
· Screwdriver GC/SNES
· X360ACE V3
· E3 NOR Flasher
· Corona Postfix Adapter V2
· SuperCIC cart key
· SuperCIC SNES kit
· Gateway 3DS
· X360ACE V1
· 3k3y 3KR (SATA)
· Mtx Glitcher v1
· HAKKO WICK

complete price list

Tor Hidden Service
Tor Project
EurAsia Onion URL: wrqgfbrcgttkp6pi.onion

Who's Online
There are currently 549 guest(s) and 7 member(s) online.

cakey - Columboz - Decrypt786 - deejaymp - popolo - schizojoe - Techdave

Welcome honored guest. You can register for free by clicking here.

Site Protection
INFOSEC
BM

Hot Wikis
Xbox One Dev Mode
PS4 Exploit using Raspberry Pi
Switch Key List
PS4 firmware updates
3k3y nokeys ISO tutorial
3DS game fw updates
3k3y microSD recovery
PS3 SKU Models
PS3 Metldrpwn
Xk3y microSD recovery
Xbox360 motherboards
Xbox360 Reset Glitch Hack
PS3 Blu-ray Drive
Homemade Sputnik360
PS3 BD drive swap
PSP Crypto Keys
PS3_Crypto_Keys
PS3 Hypervisor RE
PS3 Dongle User Guide
PSGroove tutorial
Xecuter LT Fakir
PS3 YLOD Fix
NSMB Modchip Tutorial
PS3 Glitch Hack
Xbox360NoDvdRom
Ps3FactoryRestore
Free60JtagHack
Ps3HddDecrypt
WiiKey2EjectFix
SaveMiiFree
WiiHwDiagram
Ps3OsRels
PandoraNoHomebrewPsp
GcOsMultiGameWiiHowTo
Xbox360LinuxBurn
Xbox360EraserFix
Xbox360Kernel
Xbox360DisasmXtreme
Ps2HdlPatchTutorial
Ps2VersionTable
XboxErrorCodes
XboxVersionTable
GameCubeLaserTweak
ModchipSolderingGuide
PspUmdIsoHaxorLinux

RSS Feed
News & Downloads & Wiki

IRC
#eur
EFnet

Hosted By

Ad

Respected Sites
Home of the Hitmen
radare
gc-forever
pouet.net
English Amiga Board
GXArena OFW Repo
WiiBrew
WiiUBrew
3DBrew
SwitchBrew
Games and Consoles
Maxconsole.com
Console Wizard
GameCube Linux
Xbox Linux
Xbox-Scene.com
XboxHacker.Net
xbins.org
Doom9.net
bunnie's blog
debugmo.de
GX-Mod.com
ElOtroLado.net
uCON64
GBADEV.ORG
GBAtemp.net
PocketHeaven.com
PDRoms
GameSX.com
ASSEMbler
phrack.org
Woz.org

Support...

Bitcoin

Namecoin

radare

OpenCores
LibreCores
Electronic Frontier Foundation
Amnesty International

Nectarine Radio

Demovibes Radio

GNU
Linux
Mozilla

Total Page Views
We received
171596644
page views since June 2002


Moderated by: Robert

EurAsia : Index PC tech Shellshock is still a thing!
New Topic   Post Reply
Author Shellshock is still a thing!
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6535
Status: Offline
 _#34890 posted 2016-07-08 @ 01:40 GMT   


Shellshock was reported back in 2014, some of the vulnerabilities were fixed shortly after that in major Linux distribution updates, but unfortunately bash is still partially vulnerable.


How to check
Code:
$ bash  
$ testfunc() { echo fail; }
$ export -f testfunc
$ bash -c testfunc



Vulnerable output
Quote:
fail



Patched output
Quote:
bash: testfunc: command not found




Fix by patching bash binary directly
Code:
perl -pi.bak -e 's/\((\) \{\0)/\0\1/g' bash




I just checked, Ubuntu 16.04 and Debian jessie still have vulnerable bash.

NOTE: Ubuntu and Debian use 'dash' as the default system shell (linked via /bin/sh) these days, and 'dash' is unaffected, so this is mainly a problem for those who configure to use 'bash' specifically, or use a script which directly calls '#!/bin/bash', or use a Linux distribution which still has 'bash' configured as default shell.

[ This message was edited by modrobert on 2016-07-08 @ 02:28 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6535
Status: Offline
 _#35680 posted 2017-09-20 @ 05:11 GMT   
Now it is 2017, still not patched!
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6535
Status: Offline
 _#36162 posted 2018-09-25 @ 07:28 GMT   
...and 2018, still a thing.
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
_
New Topic   Post Reply
Jump To
 

All trademarks and copyrights on this page are owned by their respective owners.
Comments and forum messages are owned by the Poster.