Debian7 offline upgrade bash vulnerability-refix method, debian7bash

Source: Internet
Author: User
Tags kali linux

Debian7 offline upgrade bash vulnerability-refix method, debian7bash

### The old saying yesterday is that we need to release a new patch. Today we are all released. The basic operation is the test results are different. Continue to fix the bash vulnerability in the Debian7 wheezy version, as shown below:

1. Test whether upgrade is required

# Env x = '() {:;}; echo vulnerable 'bash-c "echo this is a test"# The following figure is displayed. Upgrade required.

Vulnerable

This is a test

2. Offline upgrade

### Many servers cannot go out of the Internet, but can only download and upgrade

# Wget http://security.debian.org/debian-security/pool/updates/main/ B /bash/bash_4.2+dfsg-0.1+deb7u3_amd64.deb

# Dpkg-I bash_4.2 + dfsg-0.1 + deb7u3_amd64.deb

(Reading database... 38868 files and directories currently installed .)

Preparing to replace bash 4.2 + dfsg-0.1 + deb7u1 (using bash_4.2 + dfsg-0.1 + deb7u3_amd64.deb )...

Unpacking replacement bash...

Setting up bash (4.2 + dfsg-0.1 + deb7u3 )...

Update-alternatives: using/usr/share/man/man7/bash-builtins.7.gz to provide/usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode

Processing triggers for man-db...

# Dpkg-l bash # view the upgraded version

Desired = Unknown/Install/Remove/Purge/Hold

| Status = Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend

|/Err? = (None)/Reinst-required (Status, Err: uppercase = bad)

|/Name Version Architecture Description

++-======================================================== ============================================================ ======================================

Ii bash 4.2 + dfsg-0.1 + de amd64 GNU Bourne Again SHell

Ii bash 4.2 + dfsg-0.1 + de amd64 GNU Bourne Again SHell

# Env x = '() {:;}; echo vulnerable 'bash-c "echo this is a test"# The following changes are displayed. The upgrade is complete.

This is a test
How to deal with the bash vulnerability of redhat 48

Linux root password cracking method-GRUB menu for China (1) RedHat/CentOS/Fedora system password cracking
1 option. Press E to enter the editing mode.
2. Add S (or single) to the end of the edit kernel line)
3 by B, from single-user mode
4. Execute the following command to the photo # Install-t PROC/proc photo # after installing the adjacent reload, RW/
# Passwd
# Sync
# Reboot (ii) Debian Linux system password cracking
In 1, choose "Debian GNU/Linux,... (recovery mode)" in the grub option menu, and press e to enter the editing mode.
2. Edit the last line of the kernel RO to the single init =/bin directory/bash of RW, execute the following command, and press B
Restart
3 input root @ (none) # mount-
Root @ (none) # passwd Root
Root @ (none) # reboot peso (3) FreeBSD system password cracking
1. Go to the boot menu. BR> 2. Select each user (Press 4) to enter the single-user mode.
3. Go to the list of input commands-root @ # Mount-
Root @ # fsck-y
Root @ # passwd file (PASSWORD command)
Root @ # root (cracking username and password)
Enter a new UNIX Password:
Root @ # init 6 (restart), day (4) Solaris system password cracking
1. Select the grub option menu item failasfe in Solaris.
2. Do you want to install/A on read/write? [? Y, N,] Select Y
3. Enter
4. in single-user mode, enter the following command: passwd
Root @ # init 6 (restart), daily (5) NetBSD system password cracking
1. Boot: When a prompt symbol appears and starts to take the last five seconds, type the following command: homepage> boot-S (enter single-user mode command)
2. The following hint
Input shell path or return SH:
Then press Enter.
3. type the following command: Photo # Install-a photo # fsck-y
4. Use the passwd command root password.
5. Use the exit command to enter the multiplayer mode. 6) SUSE system password cracking
1. Restart the machine. When the grub boot screen is displayed, the options in the init =/bin directory/bash in Linux will start, the bash parameter passed to the kernel in init =/bin enables the OS to run bash before running login.
2. Wait for a moment (none) #: command line.
3. Then input mount-N/-o to remount the file. RW indicates that the root file system is remounted for read and write. After the read and write permissions are granted, you can change the password using the passwd file command.
4. Enter the passwd command to reset the password.
5. Remember to use the installation-N/-o to remount and set the RO root file system to the original state.

How to fix bash security vulnerabilities in kali linux

How should I select i386, amd, armel, armhole, ISO, and vmware? What is the standard difference.
I7 2640 M
 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.