More shellshock tweaks

d4t4king 2014-10-06 03:09:41 +00:00
parent 0bb3176385
commit fcf58d6d09
1 changed files with 8 additions and 8 deletions


@ -219,7 +219,7 @@
# CVE-2014-6271
logtext "Test: Check for first exploit (CVE-2014-6271)"
echo "env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c \"echo test\" 2>&1 | grep 'vulnerable'" > /tmp/1.tmp
VULNERABLE=`${FIND} /tmp/1.tmp`
VULNERABLE=`${FIND} /tmp/1.tmp 2>/dev/null`
#echo "${VULNERABLE}"
if [ ! "${VULNERABLE}" = "" ]; then
logtext "Result: Vulnerable to original shellshock (CVE-2014-6271)"
@ -249,7 +249,7 @@
# CVE-2014-6271
logtext "Test: Check for first exploit (CVE-2014-6277)"
echo "(bash -c \"f() { x() { _;}; x() { _;} <<a; }\" 2>/dev/null || echo vulnerable) | grep 'vulnerable'" > /tmp/2.tmp
VULNERABLE=`${FIND} /tmp/2.tmp`
VULNERABLE=`${FIND} /tmp/2.tmp 2>/dev/null`
#echo "${VULNERABLE}"
if [ ! "${VULNERABLE}" = "" ]; then
logtext "Result: Vulnerable to original shellshock (CVE-2014-6277)"
@ -280,11 +280,11 @@
logtext "Test: Check for CVE-2014-6278"
echo "shellshocker='() { echo vulnerable; }' bash -c shellshocker 2>/dev/null | grep 'vulnerable'" > /tmp/3.tmp
#echo "${VULNERABLE}"
VULNERABLE=`${FIND} /tmp/3.tmp`
VULNERABLE=`${FIND} /tmp/3.tmp 2>/dev/null`
if [ ! "${VULNERABLE}" = "" ]; then
logtext "Result: Vulnerable to CVE-2014-6278"
Display --indent 4 --text "- CVE-2014-6278 (Florian's patch)" --result "WARNING" --color RED
ReportWarning $(TEST_NO) "H" "Vulner to shellshocker (CVE-2014-6278)"
ReportWarning ${TEST_NO} "H" "Vulnerable to shellshocker (CVE-2014-6278)"
AddHP 0 5
else
logtext "Result: Not vulnerable to CVE-2014-6278"
@ -310,7 +310,7 @@
# CVE-2014-7168
logtext "Test: Check for taviso bug CVE-2014-7169"
echo "(cd /tmp; rm -f /tmp/echo; env X='() { (a)=>\' bash -c "echo echo nonvuln" 2>/dev/null; [[ \"\$(cat echo 2> /dev/null)\" == \"nonvuln\" ]] && echo \"vulnerable\" 2> /dev/null) | grep ' vulnerable'" > /tmp/4.tmp
VULNERABLE=`${FIND} /tmp/4.tmp`
VULNERABLE=`${FIND} /tmp/4.tmp 2>/dev/null`
#echo "${VULNERABLE}"
if [ ! "${VULNERABLE}" = "" ]; then
logtext "Result: Vulnerable to taviso bug (CVE-2014-7169)"
@ -341,7 +341,7 @@
# CVE-2014-7186
logtext "Test: Check for CVE-2014-7186"
echo "(bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' 2>/dev/null || echo \"vulnerable\") | grep 'vulnerable'" > /tmp/5.tmp
VULNERABLE=`${FIND} /tmp/5.tmp`
VULNERABLE=`${FIND} /tmp/5.tmp 2>/dev/null`
#echo "$VULNERABLE"
if [ ! "${VULNERABLE}" = "" ]; then
logtext "Result: Vulnerable to CVE-2014-7186"
@ -373,7 +373,7 @@
# CVE-2014-7186
logtext "Test: Check for CVE-2014-7187"
echo "((for x in {1..200}; do echo \"for x$x in ; do :\"; done; for x in {1..200}; do echo done; done) | bash || echo \"vulnerable\") | grep 'vulnerable'" > /tmp/6.tmp
VULNERABLE=`${FIND} /tmp/6.tmp`
VULNERABLE=`${FIND} /tmp/6.tmp 2>/dev/null`
#echo "$VULNERABLE"
if [ ! "${VULNERABLE}" = "" ]; then
logtext "Result: Vulnerable to CVE-2014-7187"
@ -405,7 +405,7 @@
# CVE-2014-////
logtext "Test: Check for bug Exploit #3 - shellshocker.net (no CVE)"
echo "env X=' () { }; echo hello' bash -c 'date'| grep 'hello'" > /tmp/7.tmp
VULNERABLE=`${FIND} /tmp/7.tmp`
VULNERABLE=`${FIND} /tmp/7.tmp 2>/dev/null`
if [ "${VULNERABLE}" = "hello" ]; then
logtext "Result: Vulnerable to CVE-2014-//// (exploit #3 on shellshocker.net)"
Display --indent 4 --text "- Exploit #3 on shellshocker.net (no CVE)" --result "WARNING" --color RED
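Review bot: Every changed `VULNERABLE=` line still consumes a fixed name under /tmp (`/tmp/1.tmp` through `/tmp/7.tmp`) that the preceding `echo … > /tmp/N.tmp` line creates by plain redirection; in a world-writable directory a predictable name can be pre-created or replaced by another local user before it is used, which is a real risk if this audit runs with elevated privileges. Creating a private file first, for example `TMPFILE=$(mktemp)`, then writing to and reading from `"${TMPFILE}"` and removing it afterwards, closes that window. The added `2>/dev/null` also means a test that fails to run leaves `VULNERABLE` empty and is reported as not vulnerable, so a failure should be recorded with `logtext` instead of being discarded. If `${FIND}` is the find binary, as its name suggests, the substitution only prints the path and never runs the test; its definition is outside these hunks, so this needs confirming.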