News and Announcements

What's news on Wolfing?

27 September 2014 01:28 PM Posted by: WolfKodi

Shellshock BugViews: 793

Wolfing is not affected by the Bash bug known as Shellshock. Users of Wolfing can continue to use this site feeling at ease. This Bash bug has caused widespread attention and panic since 24th September 2014 when it was announced to the public. This security exploit is of greater concern compared to the Heartbleed bug earlier this year because an even greater amount of servers are vulnerable as this covers all version of Bash since its discovery.

Bash is used as the default shell or command line interface on almost every single Linux server out there. Gaining access to the server's user interface allows an attacker to gain control over the server. That's almost like passing them your computer's keyboard and mouse. Of course, it is not as simple as an attacker will require the use of an internet-facing service, such as an Apache web server, to get to Bash internally. This is the reason why this bug is also considered as a "backdoor" and called "bashdoor".

I have spent this afternoon researching on this issue, understood how the exploit works, and successfully verified through testing that the server Wolfing runs on - Kodi's Wolf Pack is not vulnerable. So why is Wolfing not affected? Thanks to the unique way that the server runs off a router, which is also the case for many embedded systems, the server uses BusyBox and its built-in shell called Ash instead of Bash. While the server did have Bash installed, it was not the default shell which is required for a successful attack. Another added requirement is the use of direct URL CGI scripts which the server uses none of. Either way, I took an extended measure to uninstalled Bash since it is not being used.

No Howls Yet

Please login or register to comment