nerdexam
EC-Council

312-50V11 · Question #906

What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host? env x='(){ :;};echo exploit' bash 璫 `cat/etc/passwd'

The correct answer is D. Display passwd content to prompt. The Shellshock exploit (CVE-2014-6271) abuses Bash's environment variable parsing to execute arbitrary commands - in this case, printing the contents of /etc/passwd to the terminal.

System Hacking

Question

What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host? env x='(){ :;};echo exploit' bash 璫 `cat/etc/passwd'

Options

  • ARemoves the passwd file
  • BChanges all passwords in passwd
  • CAdd new user to the passwd file
  • DDisplay passwd content to prompt

How the community answered

(31 responses)
  • A
    6% (2)
  • B
    3% (1)
  • C
    13% (4)
  • D
    77% (24)

Why each option

The Shellshock exploit (CVE-2014-6271) abuses Bash's environment variable parsing to execute arbitrary commands - in this case, printing the contents of /etc/passwd to the terminal.

ARemoves the passwd file

The payload uses `cat` to read the passwd file, not `rm` or any deletion command, so the file remains intact.

BChanges all passwords in passwd

The command only reads and outputs the passwd file content - no `passwd`, `chpasswd`, or write operation is performed that would alter any passwords.

CAdd new user to the passwd file

There is no `useradd`, `adduser`, or equivalent command in the payload - it only reads and displays the existing file contents.

DDisplay passwd content to promptCorrect

Shellshock exploits a flaw where Bash processes trailing commands appended after a function definition in an environment variable. The payload `env x='() { :;}; echo exploit' bash -c 'cat /etc/passwd'` causes Bash to execute the `cat /etc/passwd` command, which reads and displays all entries in the passwd file to standard output - it does not modify or delete the file.

Concept tested: Shellshock Bash vulnerability command injection

Source: https://nvd.nist.gov/vuln/detail/CVE-2014-6271

Topics

#Shellshock#bash vulnerability#command injection#/etc/passwd

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice