Compile o BASH 4.3 em qualquer distro (fix shellshock)

De Wiki Hackstore

Teste se seu interpretador de comandos está vulnerável:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"


Caso esteja, atualize para a versão 4.3 do BASH para sanar a vulnerabilidade do shellshock (CVE-2014-7169)

mkdir -p /tmp/bash && cd /tmp/bash

wget https://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz

for i in $(seq -f "%03g" 1 46); do wget --no-check-certificate https://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done

tar xzvf bash-4.3.tar.gz 

cd bash-4.3

for i in $(seq -f "%03g" 1 46);do patch -p0 < ../bash43-$i; done

./configure --prefix=/usr --bindir=/bin --without-bash-malloc 

make && make install


ou


mkdir -p /tmp/bash && cd /tmp/bash

declare LINK="https://ftp.gnu.org/gnu/bash"

wget --no-check-certificate ${LINK}/bash-4.3.tar.gz

for i in $(seq -f "%03g" 1 $(curl -s ${LINK}/bash-4.3-patches/|grep sig|awk '{print $6}'|cut -d"\"" -f2\
|sed s,\.sig,,g|cut -d'-' -f2|tail -1)); do wget --no-check-certificate ${LINK}/bash-4.3-patches/bash43-$i; done

tar xzvf bash-4.3.tar.gz ; cd bash-4.3

for i in $(seq -f "%03g" 1 46);do patch -p0 < ../bash43-$i; done

./configure --prefix=/usr --bindir=/bin --without-bash-malloc 

make && make install


ou


wget http://hackstore.com.br/downloads/bash/bash-patch39.tar.bz2

mkdir /tmp/bash -p ; tar xjvpf bash-patch39.tar.bz2 -C /tmp/bash ; cd /tmp/bash/

tar xzvf bash-4.3.tar.gz ; cd bash-4.3

for i in $(seq -f "%03g" 1 46);do patch -p0 < ../bash43-$i; done

./configure --prefix=/usr --bindir=/bin --without-bash-malloc 

make && make install