312-50V11 · Question #906
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host? env x='(){ :;};echo exploit' bash 璫 `cat/etc/passwd'
The correct answer is D. Display passwd content to prompt. The Shellshock exploit (CVE-2014-6271) abuses Bash's environment variable parsing to execute arbitrary commands - in this case, printing the contents of /etc/passwd to the terminal.
Question
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host? env x='(){ :;};echo exploit' bash 璫 `cat/etc/passwd'
Options
- ARemoves the passwd file
- BChanges all passwords in passwd
- CAdd new user to the passwd file
- DDisplay passwd content to prompt
How the community answered
(31 responses)- A6% (2)
- B3% (1)
- C13% (4)
- D77% (24)
Why each option
The Shellshock exploit (CVE-2014-6271) abuses Bash's environment variable parsing to execute arbitrary commands - in this case, printing the contents of /etc/passwd to the terminal.
The payload uses `cat` to read the passwd file, not `rm` or any deletion command, so the file remains intact.
The command only reads and outputs the passwd file content - no `passwd`, `chpasswd`, or write operation is performed that would alter any passwords.
There is no `useradd`, `adduser`, or equivalent command in the payload - it only reads and displays the existing file contents.
Shellshock exploits a flaw where Bash processes trailing commands appended after a function definition in an environment variable. The payload `env x='() { :;}; echo exploit' bash -c 'cat /etc/passwd'` causes Bash to execute the `cat /etc/passwd` command, which reads and displays all entries in the passwd file to standard output - it does not modify or delete the file.
Concept tested: Shellshock Bash vulnerability command injection
Source: https://nvd.nist.gov/vuln/detail/CVE-2014-6271
Topics
Community Discussion
No community discussion yet for this question.