Protection
How to protect yourself against Shellshock Bash vulnerability
Bash is one of the most used shells on Unix based systems. The discovered shellshock vulnerability affects millions of systems. Learn how to protect.
Summary
Bash is one of the most used shells on Unix based systems. The newly discovered “shellshock” vulnerability affects millions of systems.
The weakness abuses an internal check when Bash gets a variable declaration. By defining this variable and putting more “stuff” (commands) in it, Bash will actually execute those commands as well. Unfortunately this results in several possible ways to exploit it by attackers.
Websites
One way this vulnerability scan be exploited, is by embedding it in HTTP requests. The extra payload might be the value for a cookie. Some CGI scripts, which reference to Bash as their shell, then will be tricked in executing commands when parsing the value of the cookie. Needless to say, but from there anything is possible, from revealing the contents of files, to implementing a backdoor.
Protect against the BEAST attack in Nginx
The BEAST attack showed up in 2011 and some servers are still vulnerable to it. With the right protocols, ciphers and preference, we can keep the BEAST out.
Summary
What is this BEAST?
BEAST, or “Browser Exploit Against SSL/TLS” is an attack against the cipher block chaining (CBC) method used with SSL/TLS. The weakness was discovered in 2002, but finally proven in 2011 by security researchers Thai Duong and Juliano Rizzo. With real proof of concept code, they showed it was no longer a theoretical attack.
To successfully perform the BEAST attack, there are some conditions which needs to be met: