312-50V10 · Question #240
What is the Shellshock bash vulnerability attempting to do a vulnerable Linux host? env x='(){ :;};echo exploit' bash -c 'cat/etc/passwd'
The correct answer is D. Display passwd content to prompt. The Shellshock exploit injects commands after a bash function definition in an environment variable, causing bash to execute them - here, reading and printing /etc/passwd to the terminal.
Question
What is the Shellshock bash vulnerability attempting to do a vulnerable Linux host? env x=’(){ :;};echo exploit’ bash -c ‘cat/etc/passwd’
Options
- ARemoves the passwd file
- BChanges all passwords in passwd
- CAdd new user to the passwd file
- DDisplay passwd content to prompt
How the community answered
(48 responses)- A2% (1)
- B4% (2)
- C8% (4)
- D85% (41)
Why each option
The Shellshock exploit injects commands after a bash function definition in an environment variable, causing bash to execute them - here, reading and printing /etc/passwd to the terminal.
The 'cat' command only reads and outputs file contents; removing a file requires the 'rm' command, which is not present in this payload.
The command performs a read-only operation on /etc/passwd and does not invoke passwd, chpasswd, or any write operation that would modify password entries.
Adding a user requires 'useradd' or direct write access to append a new entry; this command only reads the file and cannot modify it.
CVE-2014-6271 (Shellshock) exploits bash's incorrect parsing of function definitions in environment variables; anything after the '};' sequence is executed as a shell command. In this payload, 'cat /etc/passwd' reads the local password file and outputs its contents to standard output, exposing usernames, UIDs, and shell information.
Concept tested: Shellshock CVE-2014-6271 bash injection exploit
Source: https://nvd.nist.gov/vuln/detail/CVE-2014-6271
Topics
Community Discussion
No community discussion yet for this question.