Meet ShellShock: A New Security Threat For Linux, Unix and Mac systems

1st October 2014


A serious security issue with the Bash shell – a major component of both most UNIX-like operating systems – has been discovered, with significant implications for computer security worldwide.
The issue is present in all versions of the Bash scripting language up to version 4.3, which effects a majority of Linux machines, and the entirety of computers running OS X. and can see an attacker exploiting this issue to launch their own code.
Curious about how it works and how to protect yourself? Read on for more information.
What Is Bash?
Bash (standing for Bourne Again Shell) is the default command line interpreter used on most Linux and BSD distributions, in addition to OS X. It is used as a method of launching programs, using system utilities and interacting with the underlying operating system by launching commands.
In addition, Bash (and most Unix shells) allow the scripting of UNIX functions in small scripts. Similarly to most programming languages – such as Python, JavaScript and CoffeeScript – Bash supports features common with most programming languages, such as functions, variables and scope.


Bash is near ubiquitous, with many people using the term ’Bash’ to refer to all command line interfaces, regardless of whether they’re actually using the Bash shell. And if you’ve ever installed WordPress or Ghost through the command line, or tunneled your web traffic through SSH, you’ve quite possibly used Bash.
It’s everywhere. Which makes this vulnerability all the more worrying.
Dissecting The Attack
The vulnerability – discovered by French security researcher Stéphane Chazleas – has caused a great deal of panic in Linux and Mac users worldwide, as well as attracted attention in the technology press. And for good reason too, as Shellshock could potentially see attackers gaining access to privileged systems and executing their own malicious code. It’s nasty.
But how does it work? At the lowest possible level, it exploits how environment variables work. These are used both by UNIX-like systems and Windows to store values that are required for the computer to function properly. These are available globally available across the system and can either store a single value – such as the location of a folder or a number – or a function.


Functions are a concept that is found in software development. But what do they do? Simply put, they bundle a set of instructions (represented by lines of code), which can later be executed by either another program or a user.
The issue with the Bash interpreter lies in how it handles storing functions as environment variables. In Bash, the code found in functions is stored between a pair of curly braces. However, if an attacker leaves some Bash code outside of the curly brace, it will then be executed by the system. This leaves the system wide-open for a family of attacks known as code-injection attacks.
Researchers have already found potential attack vectors by exploiting how software such as the Apache web server, and common UNIX utilities such as WGET interact with the shell and use environment variables.

Leave a Reply

Name (Required)

Email (Required - will not be published)


Message (Required)