Can someone explain the Shell Shock Bash code? [du

2019-02-25 10:35发布

This question already has an answer here:

Is the behavior behind the Shellshock vulnerability in Bash documented or at all intentional? 4 answers

I am having problems understanding the following code, which is the Shell Shock 'proof of vulnerability' code. Can someone explain it to me? Specially, this part "() { :;};"

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

标签： linux bash unix ubuntu shellshock-bash-bug

1条回答

我想做一个坏孩纸

2楼-- · 2019-02-25 10:53

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

what env does?
From the docs, env runs programs in modified environment

env [OPTION]... [-] [NAME=VALUE]... [COMMAND [ARG]...]

it clear that x is a name/variable and () { :;}; echo vulnerable' is the value fo the variable

now what is () { :;};?
when a function is exported, bash stores its defenition as value to the environment variable

$ x() {echo hello world;}
$ export x
$ env | grep x
x=() {echo hello world};

now when x='() {:;}' means similar as writing

$ x() {:;}
$ export x
$ env | grep x

That is we indirectly made export x onto the new environmnet created by the env
Here : is a null statement in bash

Hope it helps

0人赞添加讨论(0) 举报

Can someone explain the Shell Shock Bash code? [du

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间