Sep 292014
 

The most new and dangerous bug around it’s the one called “shellshock”, this is a security bug in the widely used Unix Bash shell which was disclosed on 24 September 2014. Many Internet daemons, such as web servers, use Bash to process certain commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.

The bug causes Bash to unintentionally execute commands when they are stored in specially crafted environment variables. Within days, a series of further related vulnerabilities in Bash were found, leading to the need for further patches.

By 25 September, botnets based on computers compromised with this exploit were being used by attackers for distributed denial-of-service attacks and vulnerability scanning, source wikipedia

Let’s see how to check if your computer or server is vulnerable.
Continue reading »

flattr this!

Mar 262012
 

Original article by Ankur Aggarwal published on http://flossstuff.wordpress.com/

Wikipedia : One of the most important web portal in  geek’s life. Whenever I need to search anything I use two things. First open up the Google and then search for the related  wikipedia page. Exploring wikipedia page using shell is possible. Interested fact is that we can do it without even opening the cli browser. We can make wikipedia text query over dns for an ip address. I learned this trick from Ajay Sharma ([email protected]). Thanks to him for teaching me this wonderful trick. Let’s explore how to do it.
Continue reading »

flattr this!