forked from wreiske/shellshocker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
fixbash
executable file
·94 lines (90 loc) · 3.47 KB
/
fixbash
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/bin/sh
##############################################################
# This is the ShellShocker.net bash updater script.
# Version 1.2!
#
# Are you looking at this in your web browser, and would like to apply the bash patches?
# Just open up your terminal and type:
#
# curl https://shellshocker.net/fixbash | sh
########
# REV 4: Added prefix to configure for fedora systems.
# REV 5: Bumped patch to 26 from 25.
# REV 6: Bumped patch to 27 from 26.
# REV 7: Not using sudo when logged in as root: https://github.com/wreiske/shellshocker/pull/15
# REV 8: Updated loops to download and apply up to latest patch: https://github.com/wreiske/shellshocker/pull/17
# REV 9: Added check for gcc to be installed.
########
# This script will download bash 4.3 to your home directory, extract, download patches, patch,
# install patches, and install the fixed bash.
# - Mac: OS X
# - Linux: x86 and x86_64 systems
##############################################################
echo "----------------------------------------------"
echo "-- WELCOME TO THE SHELLSHOCKER BASH PATCHER --"
echo "----------------------------------------------"
echo "--- Revision 8, 092914-4:56PM ETC ---"
echo "--- Provided by https://shellshocker.net/ ---"
echo "----------------------------------------------"
GCC=`which gcc`
PATCH=`which patch`
MAKE=`which make`
if [ -z "$GCC" ]; then
echo "Your system does not have the GNU gcc complier installed."
echo "Please install the gcc complier and then run this script again."
exit 1
fi
if [ -z "$PATCH" ]; then
echo "Your system does not have the GNU patch tool installed."
echo "Please install the patch tool and then run this script again."
exit 1
fi
if [ -z "$MAKE" ]; then
echo "Your system does not have the GNU make tool installed."
echo "Please install the make tool and then run this script again."
exit 1
fi
echo "Creating folders..."
cd ~/
mkdir bash-shellshocker
cd bash-shellshocker
echo "Downloading Bash..."
wget -N https://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
echo "Downloading Bash patches..."
i=0
while [ true ]; do i=`expr $i + 1`; wget -N https://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$(printf '%03g' $i); if [ $? -ne 0 ]; then break; fi; done
echo "Extracting bash from tar.gz..."
tar zxvf bash-4.3.tar.gz
cd bash-4.3
echo "Applying Patches..."
for p in `ls ../bash43-[0-9][0-9][0-9]`; do patch -p0 < $p; done
echo "Ready to install. Configuring..."
./configure --prefix=/
echo "Running make"
make
if [ `id -u` -eq 0 ]
then
echo "Running make install"
make install
cp /bin/bash /usr/local/bin/bash
if [ $? -ne 0 ]; then
cp /usr/local/bin/bash /usr/local/bin/bash.back
cp -f /bin/bash /usr/local/bin/bash
fi
else
echo "Running make install (You may need to type your sudo password here)"
sudo make install
sudo cp /bin/bash /usr/local/bin/bash
if [ $? -ne 0 ]; then
sudo cp /usr/local/bin/bash /usr/local/bin/bash.back
sudo cp -f /bin/bash /usr/local/bin/bash
fi
fi
echo "----------------------------------------------"
echo "Done! Try opening a new bash shell and checking if your system is still vulnerable."
echo "Script provided by https://shellshocker.net/"
echo "Please go leave a comment and let us know if this script worked for you!"
echo "Follow us on twitter too, https://twitter.com/shellshockernet"
echo "Send issue requests to https://github.com/wreiske/shellshocker/issues"
echo "Want to help make shellshocker better? Contribute @ https://github.com/wreiske/shellshocker/"
echo "-Thanks"