Usman Khan Bash Shell Shock and Mitigation

Shell lock is the recent vulnerability discovered in Bash. This is the most recent major vulnerability found after the open SSL heartbleed. In order to understand this vulnerability let us revise the basics of an OS-Operating system. The OS is operating environment build to interact with system resources of any electronic device such as computer, ATM, mobile phones etc. It works by running set of commands and ultimately translated into machine language.

Bash is the default shell of Linux and Mac OS X machines and runs as commands processor to operate with OS, almost all applications running on Mac OS/ Linux uses this powerful script to perform certain functionalities such as directory listing, accessing some device connected to system or interacting with other programmes installed on OS, it has distributed widely as the shell for the GNU operating systems. This shell is not only installed in computers but also many other devices such as ATM(s), Cameras, POS machines, locking devices etc. etc.

The recent vulnerability known as Shell lock executes commands wrap inside a text value parameter. Consider the scenario in which a parameter of your Bash command was supposed to hold text only and that text got executed as Shell command, in other words the text value is now interacting with your OS and manipulating your system such as accessing your webcam , increasing temperature in a production unit , locking/un-locking devices, routing data to un-authorized destinations.

For instance as shown in the following image you can see the text parameter is first listing files and then deleting them, both cases can prove to be very dangerous and can result in indefinite damage.

Now consider your system is a Web server running Linux and hosting some of critical applications in your enterprise, when we say it’s a web server it is subjected to respond to requests outside your perimeter. This command can either got injected as SQL injection exploit or in application having in-secure direct object referencing.


Solution to mitigate this threat.

The hackers nowadays will continue to work on this vulnerability to find ways and execute certain attacks, to prevent this we need to patch the bash with newer version. We already have patches available for different Red hat and Ubuntu machines. The Mac OS is also expected to release patch soon.