nerdexam
EC-Council

312-50V10 · Question #906

What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host? env x='(){ :;};echo exploit' bash 璫 `cat/etc/passwd'

The correct answer is D. Display passwd content to prompt. The Shellshock exploit appends an arbitrary command after a malformed bash function definition in an environment variable, causing bash to execute it - here displaying the /etc/passwd file contents.

System Hacking

Question

What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host? env x='(){ :;};echo exploit' bash 璫 `cat/etc/passwd'

Options

  • ARemoves the passwd file
  • BChanges all passwords in passwd
  • CAdd new user to the passwd file
  • DDisplay passwd content to prompt

How the community answered

(37 responses)
  • A
    11% (4)
  • B
    3% (1)
  • C
    5% (2)
  • D
    81% (30)

Why each option

The Shellshock exploit appends an arbitrary command after a malformed bash function definition in an environment variable, causing bash to execute it - here displaying the /etc/passwd file contents.

ARemoves the passwd file

The command uses 'cat' to read the file, not 'rm' or any deletion command, so the passwd file is not removed.

BChanges all passwords in passwd

The command only reads and outputs the passwd file contents; no 'passwd', 'chpasswd', or similar password-modification command is present.

CAdd new user to the passwd file

No user-creation command such as 'useradd' or an append operation using '>>' is included, so no new user is added to the passwd file.

DDisplay passwd content to promptCorrect

The Shellshock vulnerability (CVE-2014-6271) causes bash to execute commands appended after a crafted function definition when processing environment variables. The trailing 'cat /etc/passwd' command reads and prints the file to standard output, disclosing usernames and account metadata without modifying or deleting anything. This technique was commonly used in initial reconnaissance after exploiting Shellshock on web servers running CGI scripts.

Concept tested: Shellshock bash vulnerability arbitrary code execution

Source: https://nvd.nist.gov/vuln/detail/CVE-2014-6271

Topics

#Shellshock#bash vulnerability#command injection#CVE exploitation

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice