Author: 해킹잘하고싶다
Basic Summary of Shellshock

Source: http://www.hackerschool.org/HS_Boards/zboard.php?id=Free_Lectures&no=8589



Shellshock is a vulnerability in the Bash shell discovered in 2014. It is triggered when Bash
processes function definitions stored in environment variables, and it was reported as CVE-2014-6271, a critical vulnerability.

Data handed to Bash through environment variables is treated as executable code
without proper validation. As a result, an attacker who can place a crafted value
in an environment variable and get Bash started with that environment (a CGI script,
a DHCP client hook and an SSH ForceCommand were the classic paths) can run arbitrary
commands with the privileges of the process that launched Bash. No function has to be
called: the injected text runs while Bash is still importing its environment at startup.

What causes the vulnerability?
Bash supports storing function definitions in environment variables and executing them:
when a function is exported, Bash serialises its body into the environment, and every
child Bash parses such entries back into functions as it starts. A vulnerable Bash did
not stop parsing at the closing brace of the function body, so whatever text followed
the definition was executed immediately.
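The export mechanism described above, shown end to end. This is an added example written for this page, not code from the original post: the outer script is POSIX sh and drives a bash child for the bash-specific parts; it assumes a bash binary on PATH (overridable through BASH_BIN), and the function name "greet" is arbitrary.

```shell
#!/bin/sh
# Added example for this page (not code from the original post): the legitimate
# feature that Shellshock abused.  Bash can export a function; it does so by
# serialising the body into the child's environment, and a child bash turns such
# entries back into functions while it starts up, before it runs anything else.
# The outer script is POSIX sh and drives a bash child for the bash-specific
# parts.  Assumption: bash is on PATH (override with BASH_BIN); the function
# name "greet" is arbitrary.

BASH_BIN="${BASH_BIN:-bash}"

have_bash() { command -v "$BASH_BIN" >/dev/null 2>&1; }

# Run a command string in bash with $0 set to the same binary, so that a nested
# "$0" -c ... inside the string starts a child of the same shell under test.
in_bash() { "$BASH_BIN" -c "$1" "$BASH_BIN" 2>/dev/null; }

# The environment entry that "export -f greet" produces (first line only).
# Pre-fix bash used the bare name, greet=() { ... }, which is indistinguishable
# from an ordinary variable, so ANY variable an attacker controlled could be a
# function.  Bash 4.3 with bash43-027 writes BASH_FUNC_greet()=() { ... } and
# Bash 4.4+ writes BASH_FUNC_greet%%=() { ... }; the "() {" marker at the start
# of the value is what the importer looks for.
exported_function_entry() {
    have_bash || { echo unknown=unknown; return; }
    in_bash 'greet() { echo "hello from $1"; }; export -f greet; env' \
        | awk '/^(BASH_FUNC_greet[^=]*|greet)=/ { print; exit }'
}
exported_function_name()  { exported_function_entry | sed 's/=.*//'; }
exported_function_value() { exported_function_entry | sed 's/^[^=]*=//'; }

# A child bash started with that environment has the function without any code
# being passed explicitly: only the environment crossed the exec boundary.
child_calls_exported_function() {
    have_bash || { echo unknown; return; }
    in_bash 'greet() { echo "hello from $1"; }; export -f greet; "$0" -c "greet child"'
}

printf 'env entry name : %s\n' "$(exported_function_name)"
printf 'env entry value: %s\n' "$(exported_function_value)"
printf 'child bash says: %s\n' "$(child_calls_exported_function)"
```

The name the entry gets is the whole point of the later bash43-027 fix: once exported functions live under a reserved BASH_FUNC_ prefix, a variable such as HTTP_USER_AGENT can never be mistaken for one, whatever its value starts with.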

To check whether a given Bash is vulnerable, run the following in a terminal. (Because the variable is exported, it stays in your session afterwards; unset MYFUNC when you are done, or pass the variable with env for a one-shot test.)


===================================
export MYFUNC='() { :; }; echo Exploited'
bash -c "echo Test"

Exploited
Test
===================================

Reading the output: if the output above contains **Exploited**, that Bash is vulnerable.
Note that it appears before Test: the injected command ran while the child Bash was importing its environment, before it got to the -c command.

A Bash with the first fixes (bash43-025/026) does not execute the text after the function definition;
it refuses the import, prints warnings like the following, and still prints Test. A Bash with
bash43-027 or later, or 4.4 and later, ignores MYFUNC altogether, because it only imports functions
from variables carrying the BASH_FUNC_ prefix, so you see Test and no warning at all.

===================================
bash: warning: MYFUNC: ignoring function definition attempt
bash: error importing function definition for `MYFUNC'
===================================
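The check above covers CVE-2014-6271 only. The script below is an added example for this page, not code from the original post: it wraps the publicly circulated test cases for all six 2014 CVEs into functions that return a word instead of relying on a human reading the screen, so it can be dropped into an inventory or configuration-management run. It assumes the shell under test is the bash on PATH (overridable through BASH_BIN); the probe inputs are constructed test data.

```shell
#!/bin/sh
# Added example for this page (not code from the original post): one-shot
# probes for the six 2014 Bash CVEs discussed here.  Each probe runs a CHILD
# bash with crafted input and returns a word (vulnerable / patched / unknown),
# so the result can be consumed by a script rather than read off a terminal.
# Assumptions: the shell under test is the bash on PATH (override with
# BASH_BIN); the outer script is POSIX sh.  The probe inputs are the publicly
# circulated Shellshock test cases, embedded here as constructed data.

BASH_BIN="${BASH_BIN:-bash}"

have_bash() { command -v "$BASH_BIN" >/dev/null 2>&1; }

# CVE-2014-6271: text after the function body runs while bash imports the
# environment, so "Exploited" appears before "Test".  A fixed bash prints Test only.
probe_6271() {
    have_bash || { echo unknown; return; }
    out=$(env MYFUNC='() { :; }; echo Exploited' "$BASH_BIN" -c 'echo Test' 2>/dev/null) || true
    case "$out" in *Exploited*) echo vulnerable ;; *) echo patched ;; esac
}

# CVE-2014-7169: the first fix left parser state behind.  With the value
# "() { (a)=>\" the command "echo date" becomes "date" with its output
# redirected to a file called "echo" in the current directory, so run it in a
# scratch directory and look for that file.
probe_7169() {
    have_bash || { echo unknown; return; }
    dir=$(mktemp -d) || { echo unknown; return; }
    ( cd "$dir" && env 'X=() { (a)=>\' "$BASH_BIN" -c 'echo date' >/dev/null 2>&1 ) || true
    if [ -e "$dir/echo" ]; then echo vulnerable; else echo patched; fi
    rm -rf "$dir"
}

# CVE-2014-7186: fourteen here-documents on one command overflow redir_stack in
# parse.y; an unfixed bash crashes (non-zero exit) instead of running "true".
probe_7186() {
    have_bash || { echo unknown; return; }
    redirs=""; i=0
    while [ "$i" -lt 14 ]; do redirs="$redirs <<EOF"; i=$((i + 1)); done
    if "$BASH_BIN" -c "true$redirs" >/dev/null 2>&1; then echo patched; else echo vulnerable; fi
}

# CVE-2014-7187: 200 nested for-loops overflow word_lineno (off-by-one); same
# crash signature.  The loops have empty lists, so a fixed bash does nothing.
nested_loops() {
    i=0
    while [ "$i" -lt 200 ]; do printf 'for x%d in ; do :\n' "$i"; i=$((i + 1)); done
    i=0
    while [ "$i" -lt 200 ]; do printf 'done\n'; i=$((i + 1)); done
}
probe_7187() {
    have_bash || { echo unknown; return; }
    if nested_loops | "$BASH_BIN" >/dev/null 2>&1; then echo patched; else echo vulnerable; fi
}

# CVE-2014-6277 / CVE-2014-6278: further parser bugs that are reachable from the
# environment only while bash still treats ANY variable whose value begins with
# "() {" as a function.  bash43-027 restricted imports to BASH_FUNC_* names, so
# "patched" here means that path is closed (it does not prove the parser bugs
# themselves are fixed; for that, check the package changelog).
probe_legacy_import() {
    have_bash || { echo unknown; return; }
    out=$(env 'foo=() { echo imported; }' "$BASH_BIN" -c foo 2>/dev/null) || true
    case "$out" in *imported*) echo vulnerable ;; *) echo patched ;; esac
}

# Run all probes; exit non-zero if anything is vulnerable, for inventory scripts.
shellshock_report() {
    rc=0
    for pair in "CVE-2014-6271 probe_6271" "CVE-2014-7169 probe_7169" \
                "CVE-2014-7186 probe_7186" "CVE-2014-7187 probe_7187" \
                "CVE-2014-6277/6278 probe_legacy_import"; do
        set -- $pair
        result=$("$2")
        printf '%-20s %s\n' "$1" "$result"
        if [ "$result" = vulnerable ]; then rc=1; fi
    done
    return "$rc"
}

shellshock_report
```

Run it as `BASH_BIN=/path/to/bash sh probes.sh` to test a specific binary (a chroot, a container image, a rescue system); every probe starts a fresh child, so nothing leaks into the calling shell the way the export in the manual check does.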


The remediation is to update Bash; the bash package alone is enough, nothing else needs to change.

sudo apt update && sudo apt upgrade   # Debian/Ubuntu family
sudo yum update                       # Red Hat family

Switching your login shell to Dash or Zsh is sometimes suggested as an alternative, but on its own it does not remove the exposure: the bug is in the bash binary and is hit whenever bash is executed, including scripts that start with #!/bin/bash and programs that run /bin/sh on systems where /bin/sh is bash. Replacing the shell only helps where it removes every path by which bash gets executed; updating the package is the fix.

To summarize:
If Exploited is printed, that Bash build is vulnerable to Shellshock.
Apply the patch immediately, and review which services expose Bash to external input.
The vulnerability leads to remote code execution (RCE), so it is a serious security threat.


Affected versions: unpatched Bash 1.14 through 4.3 is affected by
Shellshock (CVE-2014-6271) and its follow-up vulnerabilities.
The table below lists each CVE with what it allows.

CVE             Issue                                                                  Affected
--------------  ---------------------------------------------------------------------  ---------------------------
CVE-2014-6271   Commands placed after an exported function definition are executed     Bash 1.14 through 4.3
                while the environment is imported (the original Shellshock)            (unpatched)
CVE-2014-7169   The first fix was incomplete; a crafted definition still leaves the    Bash 1.14 through 4.3
                parser in a bad state (creates files, runs commands)                   (fixed by bash43-026)
CVE-2014-7186   Memory corruption in the parser (redir_stack) with many                Bash 1.14 through 4.3
                here-documents on one command; crash or worse
CVE-2014-7187   Off-by-one in the parser (word_lineno) with deeply nested loops;       Bash 1.14 through 4.3
                crash
CVE-2014-6277   Further function-definition parsing bug (uninitialised memory use)     Bash 1.14 through 4.3
                reachable through the environment; code execution possible
CVE-2014-6278   Further command injection through a crafted function definition in     Bash 1.14 through 4.3
                the environment, bypassing the first two patches



Major Bash versions and their status

Bash 1.x to 2.x:
Affected by Shellshock.
Old versions from the early 1990s; 1.14 is the oldest version known to be affected.

Bash 3.x:
Affected by Shellshock.
Widely used on servers and still likely to be found on legacy systems
(Apple shipped 3.2 as /bin/bash for years).

Bash 4.x (up to 4.3):
Affected by Shellshock.
The version current Linux distributions shipped by default in 2014.

Bash 4.3 with the 2014 patch series, and 4.4 and later:
Fixed. The upstream fixes were released as patches to 4.3 (bash43-025 through
bash43-030) and as matching patches for the 3.0 to 4.2 lines, so a fixed shell
may still identify itself as 3.x or 4.x.

Fixed versions

The first upstream fix was bash43-025 (Bash 4.3.25, 24 September 2014) for CVE-2014-6271. It was
incomplete: bash43-026 (CVE-2014-7169) and bash43-027 (the BASH_FUNC_ export namespace) followed
within days, which is why 4.3.27 is often quoted as the first fixed release. The remaining parser
bugs were closed by bash43-028 through bash43-030, so Bash 4.3.30 is the first 4.3 patch level that
carries the complete set. Current releases (Bash 5.x as of 2024) are safe from Shellshock.


You can check the Bash version on the current system with:

bash --version
GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu)
The banner above says 4.3.11, below the 4.3.30 upstream fix level, but that does not by itself prove the shell is vulnerable: distributions backport security fixes without changing the upstream version string, and Ubuntu 14.04's fixed bash package, for example, still reports exactly this banner. Treat the version as a hint and decide with the behavioural test from the section above, or by checking the package changelog for the CVE.
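A version check that encodes the rule above, as an added example for this page and not code from the original post. It parses the banner, answers "upstream-fixed" only for 4.3.30+ and 4.4+, and for anything lower falls back to the distribution's package record, which is where a backported fix is visible. It assumes only sed plus rpm or dpkg where present; the state names are this example's own.

```shell
#!/bin/sh
# Added example for this page (not code from the original post).  Classifies a
# "bash --version" banner by upstream patch level and then looks where a
# backported fix actually shows up: the distribution's package record.
# Upstream closed the whole family in the 4.3 patch series (bash43-025 through
# bash43-030, i.e. version 4.3.30), so 4.3.30+ and 4.4+ are fixed at source.
# Anything lower is NOT automatically vulnerable, because distributions backport
# fixes without touching the banner (Ubuntu 14.04's fixed package still reports
# 4.3.11(1)-release); those get "backport-check" and must be judged by the
# behavioural test or the package changelog.  Assumes only sed and the usual
# package tools (rpm or dpkg) where present.

# "GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu)" -> "4.3.11"
bash_version_triplet() {
    printf '%s\n' "$1" \
        | sed -n 's/.*version \([0-9][0-9]*\.[0-9][0-9]*\(\.[0-9][0-9]*\)\{0,1\}\).*/\1/p'
}

# upstream-fixed | backport-check | unparsed
shellshock_version_state() {
    v=$(bash_version_triplet "$1")
    if [ -z "$v" ]; then echo unparsed; return; fi
    major=${v%%.*}; rest=${v#*.}; minor=${rest%%.*}; patch=${rest#*.}
    if [ "$patch" = "$rest" ]; then patch=0; fi        # banner had no third number
    if [ "$major" -gt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -ge 4 ]; }; then
        echo upstream-fixed
    elif [ "$major" -eq 4 ] && [ "$minor" -eq 3 ] && [ "$patch" -ge 30 ]; then
        echo upstream-fixed
    else
        echo backport-check
    fi
}

# Inspect the installed bash and, when the banner is inconclusive, count CVE
# references in the package changelog (rpm) or print the package version (dpkg)
# for comparison with the distribution's advisory.
check_installed_bash() {
    banner=$(bash --version 2>/dev/null | head -n 1) || true
    state=$(shellshock_version_state "$banner")
    printf '%s -> %s\n' "${banner:-no bash found}" "$state"
    if [ "$state" = backport-check ]; then
        if command -v rpm >/dev/null 2>&1; then
            n=$(rpm -q --changelog bash 2>/dev/null | grep -c 'CVE-2014-6271') || true
            printf 'rpm changelog mentions CVE-2014-6271: %s time(s)\n' "${n:-0}"
        elif command -v dpkg >/dev/null 2>&1; then
            dpkg -s bash 2>/dev/null | grep '^Version:' || true
        fi
    fi
}

check_installed_bash
```

A zero count from the rpm changelog, or a Debian package version older than the distribution's Shellshock advisory, means the shell is unfixed regardless of what the banner says; a non-zero count still deserves confirmation with the behavioural probes, since changelog text is not a test.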

I'll stop the basic theory and summary of Shellshock here and
wrap up by posting the walkthrough of the pwnable.kr Shellshock challenge.

Hits: 205     Date: 2024/11/23 09:43



    