Blog search: #Bash


Shellshock -

Posted on Jan. 15, 2016

Shellshock indicates a family of bugs who affected bash, which was disclosed the 24 September 2014 (CVE-2014-6271). For this challenge we need to use it in order to get the flag:

shellshock@ubuntu:~$ ls -l
-r-xr-xr-x 1 root shellshock2 959120 Oct 12  2014 bash
-r--r----- 1 root shellshock2     47 Oct ...

Cmd2 -

Posted on Jan. 17, 2016

Another challenge where we need to escape from a restricted situation. This time we have complete control on the argument passed the function system but, just to make sure we will not do anything harmful, the content of the environment is deleted and the content of the argument passed to ...