
Author Topic: BASH  (Read 1491 times)

Offline gcoleman5588

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
BASH
« on: September 24, 2014, 09:15:47 pm »
Just wondering if VERA is susceptible to the BASH bug. If so, what needs to be done?

Offline futzle

  • Beta Testers
  • Master Member
  • *****
  • Posts: 3260
  • Karma: +192/-9
Re: BASH
« Reply #1 on: September 25, 2014, 03:43:03 am »
It's not susceptible. Vera uses the OpenWrt busybox shell.

Offline lynuss

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
Re: BASH
« Reply #2 on: September 25, 2014, 09:26:33 am »
My findings say otherwise:

BusyBox v1.17.3 (2012-01-09 12:40:42 PST) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M

 -------------- Backfire (10.03) -------------------

 ---------------------------------------------------
  ***        MiOS LTD. ( www.mios.com )        ***
  ***                         ***
  ***               WARNING :                  ***
  *** Any changes made to the system without ***
  *** guidance from MiOS support will VOID   ***
  *** your future Support requests          ***
 ---------------------------------------------------
root@MiOS_30200242:~# env x='() { :;}; echo vulnerable' bash -c 'echo hello'
hello




Offline garrettwp

  • Master Member
  • *******
  • Posts: 6371
  • Karma: +227/-128
  • Vera 3, Lite, ISY994
Re: BASH
« Reply #3 on: September 25, 2014, 12:31:39 pm »
Actually futzle is correct. Bash command in Vera points to busybox which OpenWRT uses as default. There is no bash binary installed. Vera is not vulnerable to the bash bug.

- Garrett

Offline futzle

  • Beta Testers
  • Master Member
  • *****
  • Posts: 3260
  • Karma: +192/-9
Re: BASH
« Reply #4 on: September 25, 2014, 06:23:35 pm »
root@MiOS_30200242:~# env x='() { :;}; echo vulnerable' bash -c 'echo hello'
hello

If the shell is vulnerable, the above command should also print "vulnerable" from the echo statement.  It'll always print "hello" irrespective of the vulnerability.  The above output demonstrates that the shell isn't vulnerable on Vera.

For contrast, here's the output on my Mac:
Code:
$ env x='() { :;}; echo vulnerable' bash -c 'echo hello'
vulnerable
hello

There is a /bin/bash on Vera:
Code:
# ls -lF /bin/bash
lrwxrwxrwx    1 root     root             7 Nov 14  2013 /bin/bash -> busybox*
but this is provided as a convenience for users who conflate /bin/bash and /bin/sh, and who might have inadvisedly put the former in the #! line of a shell script.  It's not _really_ the GNU Bourne-Again Shell.
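
The two checks from the reply above (what the `bash` path really resolves to, and whether the probe command prints "vulnerable"), combined into one script. This is an added example, not part of the original post; the function names `shell_kind` and `probe_func_import` are hypothetical, and it assumes `readlink -f` is available, as it is in BusyBox and GNU coreutils.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not from the thread.

# Print what a shell path really is: busybox | gnu-bash | other | missing
shell_kind() {
    p=$1
    [ -x "$p" ] || { echo missing; return 0; }
    # Follow symlinks such as /bin/bash -> busybox before judging by name.
    real=$(readlink -f "$p" 2>/dev/null || echo "$p")
    if [ "$(basename "$real")" = busybox ]; then
        echo busybox
    elif "$p" --version 2>/dev/null </dev/null | grep -q 'GNU bash'; then
        echo gnu-bash
    else
        echo other
    fi
}

# Run the probe command quoted in the thread against the given shell.
# "hello" is always printed; only an extra "vulnerable" line is a finding.
probe_func_import() {
    out=$(env x='() { :;}; echo vulnerable' "$1" -c 'echo hello' 2>/dev/null </dev/null) || true
    if printf '%s\n' "$out" | grep -qx vulnerable; then
        echo vulnerable
    else
        echo not-vulnerable
    fi
}

# Report on each candidate path that exists on this system.
for candidate in /bin/bash /bin/sh "$(command -v bash 2>/dev/null || true)"; do
    [ -n "$candidate" ] && [ -e "$candidate" ] || continue
    echo "$candidate: kind=$(shell_kind "$candidate") probe=$(probe_func_import "$candidate")"
done
```

On a system like the one in the thread, the expected report for `/bin/bash` is `kind=busybox probe=not-vulnerable`.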

Offline lynuss

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
Re: BASH
« Reply #5 on: September 25, 2014, 09:14:00 pm »
Yeah, I poked around and could see bash listed in /bin, but all aliased to -> busybox.
Guess that command is just parsing the 'echo - hello' like a good shell should!
Is it ash, not bash?