0

我正在了解 ShellShock 漏洞,我想测试旧版本的 Bash。我从GNU 网站
下载了 Bash 4.2 。提取内容后,我根据GNU 指南编译它,如下所示:

bash ./configure
make

完成后,我运行以下漏洞利用来查看 bash 是否易受攻击:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

但它没有打印“易受攻击”,这意味着它不是易受攻击的,我不明白为什么:

root@ubuntu:~/Desktop/bash-4.2# ./bash
root@ubuntu:~/Desktop/bash-4.2# echo $BASH_VERSION
4.2.0(1)-release
root@ubuntu:~/Desktop/bash-4.2# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test
root@ubuntu:~/Desktop/bash-4.2#
4

1 回答 1

1

Use ./bash instead of bash; your current attempt ends up executing the default system Bash instance, which should hopefully indeed not be vulnerable.

As a rule, the current directory is not included in the PATH, and should not be, for reasons exactly like this.

于 2020-12-02T10:32:52.977 回答