The Mysterious Life of Benjamin Bash


In a time of shaggy beards, thick glasses, and bell-bottomed trousers, was Bourne[i] a way to command the beasty called Unix.  But as is always the way with humans, enough is never enough.  As such, a fancier champion Bashed[ii] onto the scene.  And for many years, Mr. Benjamin Bash served rich and poor alike, in the kitchens of Apache[iii] and countless other dens[iv].

Now as always, dragon slayers[v] comb our lands, searching for kingdom weaknesses.  And of course, our faithful Mr. Bash was never considered a fault.  But his obscure injection[vi] wouldn’t lie dormant forever.  Nay!  One brave warrior, Sir Chazelas[vii], discovered that when ye place an order with lovely CGI[viii] maids, one can also pass an environment[ix] note, which causes Mr. Bash to do unexpected things.  Indeed, in vulnerable establishments, Bash will do whatever ye ask[x].  Even hand over the keys to the castle!  Aye, it’s a sad affair, with grave consequences[xi].

But take heart, laddie, and listen up.  We’ve vital information.  Examine the following attack:

[Image: bashsmah_pic_2]

The smart student would note that for the agent of doom to achieve its nefarious function[xii], some key bits must transfer across our moat[xiii].  The evil parts of the message are the letters “() {”.  I say, our border guards[xiv] should be informed about the matter.  And better yet, we should hastily patch[xv] Mr. Bash to ensure he acts properly, and ignores such outsider suggestions.  Sadly some of our smaller holds[xvi] may not receive the message for some time, if ever.
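A way to put the border guards on watch for those letters, as an added example that is not part of the original post: the script below scans Apache combined-format access log lines (constructed samples, not real traffic) and reports any request line, referer or user-agent that carries the `() {` function-definition prefix, after percent-decoding so an encoded copy in the query string is not missed. The vulnerable Bash matched the literal prefix `() {`; the rule here deliberately also flags spacing variants such as `(){`, which is the looser match a WAF signature would want. Function and variable names are my own, not from any WAF product.

```python
"""Flag HTTP request fields that carry the Shellshock "() {" marker.

Added example, not from the original post.  The log lines below are
constructed for illustration; the format is Apache's combined log format.
"""
import re
from urllib.parse import unquote

# Vulnerable Bash imported a function when an environment value started with
# the literal "() {".  A perimeter rule should also catch spacing variants,
# so the marker is matched loosely after percent-decoding.
SHELLSHOCK_RE = re.compile(r"\(\)\s*\{")

# Apache combined log format:
# client ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed sample lines (not real traffic).  Line 2 carries the marker in
# the User-Agent, line 3 carries it percent-encoded in the query string, and
# line 4 is a spacing variant; line 1 is ordinary traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [25/Sep/2014:10:00:01 +0000] "GET /index.html HTTP/1.1" '
    '200 1043 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [25/Sep/2014:10:00:02 +0000] "GET /cgi-bin/status HTTP/1.1" '
    '200 512 "-" "() { :;}; echo probe"',
    '10.0.0.7 - - [25/Sep/2014:10:00:03 +0000] '
    '"GET /cgi-bin/status?x=%28%29%20%7B%20%3A%3B%7D%3B HTTP/1.1" '
    '200 512 "-" "curl/7.37"',
    '10.0.0.3 - - [25/Sep/2014:10:00:04 +0000] "GET /about HTTP/1.1" '
    '200 77 "-" "(){test}"',
]


def suspicious_fields(line):
    """Return [(field_name, decoded_value)] for the fields carrying the marker.

    Only the attacker-controlled fields (request line, referer, user-agent)
    are inspected; a line that does not parse is checked as a whole.
    """
    match = LOG_RE.match(line)
    if not match:
        decoded = unquote(line)
        return [("raw", decoded)] if SHELLSHOCK_RE.search(decoded) else []
    hits = []
    for field in ("request", "referer", "agent"):
        value = unquote(match.group(field))
        if SHELLSHOCK_RE.search(value):
            hits.append((field, value))
    return hits


def scan_log(lines):
    """Return {line_number: hits} (1-based) for every line carrying the marker."""
    report = {}
    for number, line in enumerate(lines, 1):
        hits = suspicious_fields(line)
        if hits:
            report[number] = hits
    return report


if __name__ == "__main__":
    for number, hits in scan_log(SAMPLE_LOG).items():
        for field, value in hits:
            print(f"line {number}: {field}: {value!r}")
```

Run against the constructed sample, lines 2, 3 and 4 are reported and line 1 is not; pointing `scan_log` at a real access log is a matter of reading the file into a list of lines. The decode-before-match step is the important design choice: matching the raw bytes would have let line 3 through.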

So, with this unsavory matter behind, the mysterious life of Mr. Bash goes on.  But the enemy forces are wily.  They’re schemin’ and plotting as always.  I say let’s do a thorough rundown of our defenses, check the checkers, and make sure we’re ready when next our dastardly foo return.


Protip: Article best read aloud with a pint and a thick Irish or Scottish accent

[i] http://en.wikipedia.org/wiki/Bourne_shell

[ii] http://en.wikipedia.org/wiki/Bash_(Unix_shell)

[iii] http://en.wikipedia.org/wiki/Apache_HTTP_Server

[iv] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

[v] http://www.alienvault.com/blogs/security-essentials/the-life-of-a-security-researcher

[vi] http://en.wikipedia.org/wiki/Code_injection

[vii] https://lists.debian.org/debian-security-announce/2014/msg00220.html

[viii] http://en.wikipedia.org/wiki/Common_Gateway_Interface

[ix] http://en.wikipedia.org/wiki/Environment_variable

[x] http://shellshock.brandonpotter.com/

[xi] http://www.scmagazine.com/linux-and-os-x-flaw-may-have-greater-impact-than-heartbleed/article/373743/

[xii] http://unix.stackexchange.com/questions/157329/what-does-env-x-command-bash-do-and-why-is-it-insecure

[xiii] http://en.wikipedia.org/wiki/Trust_boundary

[xiv] https://www.owasp.org/index.php/Web_Application_Firewall

[xv] https://bugzilla.redhat.com/show_bug.cgi?id=1141597

[xvi] http://en.wikipedia.org/wiki/Internet_of_Things
