shellshock vulnerability in android

shellshock vulnerability
shellshock vulnerability , executing commands after environment

 

I’ll try to put it as simple as possible to the readers from non information security background, ‘bash shell’ an inevitable part of unix based systems like Unix, Linux, Mac OS  is messed up badly by a easy to exploit  vulnerability that all hell broke loose. Shellshock aka Bashdoor  as it’s fondly called is a series of dangerous security bugs on the bash shell.

CVE-2014-6271

The first of these series, which would let anyone execute arbitrary commands following a crafted environment variable like this,

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

Speaking more on the vulnerability and it’s implications is beyond the scope of this article. Incase you are a power reader and wish to know in-depth regarding the vulnerability, please take a look at the excellent coverage on the same by troy hunt here.

What I really wanted to speak about here is shellshock’s implications in Android operating system.

Continue reading “shellshock vulnerability in android”