有人可以解释的炮弹休克猛砸code? [英] Can someone explain the Shell Shock Bash code?
问题描述
我有问题理解以下code,这是code中的炮弹休克的脆弱性的证明。
有人可以解释给我吗?特别地,这部分(){:;};
ENV X ='(){:;};回声-c回声这是一个测试弱势的bash
ENV X ='(){:;};回声-c回声这是一个测试弱势的bash
什么 ENV
呢?
结果从文档, ENV
运行在修改后的环境计划
结果
ENV [选项] ... [ - ] [NAME = VALUE] ... [COMMAND [ARG] ...]
明确指出, X
是一个名称/变量,(){:;};回声弱势
为fo变量的值
结果
什么是现在的(){:;};
?
结果
当一个函数被导出时,bash存储其defenition作为价值的环境变量
$ X(){回声世界你好;}
$出口点¯x
$ ENV | grep的点¯x
X =(){回声的Hello World};
现在,当 X ='(){:;}
表示类似写
$ X(){:;}
$出口点¯x
$ ENV | grep的点¯x
这是我们间接作出出口X
到由 ENV创建的新environmnet
结果
在这里,:
是在bash一个空语句
希望它能帮助
I am having problems understanding the following code, which is the Shell Shock 'proof of vulnerability' code.
Can someone explain it to me? Specially, this part "() { :;};
"
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
what env
does?
From the docs, env
runs programs in modified environment
env [OPTION]... [-] [NAME=VALUE]... [COMMAND [ARG]...]
it clear that x
is a name/variable and () { :;}; echo vulnerable'
is the value fo the variable
now what is () { :;};
?
when a function is exported, bash stores its defenition as value to the environment variable
$ x() {echo hello world;}
$ export x
$ env | grep x
x=() {echo hello world};
now when x='() {:;}'
means similar as writing
$ x() {:;}
$ export x
$ env | grep x
That is we indirectly made export x
onto the new environmnet created by the env
Here :
is a null statement in bash
Hope it helps
这篇关于有人可以解释的炮弹休克猛砸code?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!