在网上搜资料找到一个大神写的shell修复bash漏洞脚本,觉得很不错,拖到我blog里来共享给大家.
脚本内容:
复制代码 代码如下:
#/bin/bash#author alex fang. updates may apply soon.
clear
echo press anykey to continue... $anykey ; read anykey
echo bbbbbbbbbbbaaaaaaaaaaaaaaaaaaaasssssssssssssssssshhhhhhhhhhhhhhhhhhhh!
echo shellshockfixer v0.1 by alex fang. liscence: gnu gplv2
echo ######################################################
echo select on option:
echo 1) centos
echo 2) debian wheezy
echo 3) debian squeeze x64(provided by aliyun)
echo 4) debian squeeze x32(provided by aliyun)
echo 5) ubuntu
echo 6) opensuse x64(beta, provided by aliyun)
echo 7) opensuse x32(beta aliyun)
echo 8) aliyun linux x64
echo 9) aliyun linux x32
echo 0) iptables way
echo 11) temporily disable bash through chmod
echo ######################################################
read x
if test $x -eq 1; then
 clear
 echo fixing......
 yum clean all
 yum makecache
 yum update bash
 echo finished!
elif test $x -eq 2; then
  clear
  echo fixing for debian wheezy...
  apt-get update
  apt-get -y install --only-upgrade bash
  echo finished!
elif test $x -eq 3; then
  echo fixing for debian squeeze x64...
  wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3+deb6u2_amd64.deb &&  dpkg -i bash_4.1-3+deb6u2_amd64.deb 
  echo finished!
elif test $x -eq 4; then
  echo fixing for debian squeeze x32...
  wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3+deb6u2_i386.deb &&  dpkg -i bash_4.1-3+deb6u2_i386.deb
  echo finished!
elif test $x -eq 5; then
  echo fixing for ubuntu...
  apt-get update
  apt-get -y install --only-upgrade bash
  echo finished!
elif test $x -eq 6; then
  echo fixing for opensuse x64
  wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.x86_64.rpm && rpm -uvh bash-4.2-68.4.1.x86_64.rpm
  echo finished!
elif test $x -eq 7; then
  echo fixing for opensuse x32
  wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.i586.rpm && rpm -uvh bash-4.2-68.4.1.i586.rpm
 echo finished!
elif test $x -eq 8; then
  echo fixing for aliyun linux x64...
  wget http://mirrors.aliyun.com/centos/5/updates/x86_64/rpms/bash-3.2-33.el5_10.4.x86_64.rpm && rpm -uvh bash-3.2-33.el5_10.4.x86_64.rpm 
  echo finished!
elif test $x -eq 9; then
  echo fixing for aliyun linux x32...
  wget http://mirrors.aliyun.com/centos/5/updates/i386/rpms/bash-3.2-33.el5_10.4.i386.rpm  && rpm -uvh bash-3.2-33.el5_10.4.i386.rpm 
elif test $x -eq 0; then
  echo deploying iptables rules...
  iptables --append input -m string --algo kmp --hex-string '|28 29 20 7b|' --jump drop
  iptables using -m string --hex-string '|28 29 20 7b|'
  echo finishing...
elif test $x -eq 11; then
  echo chmod way configuring...
  chmod o-x bash
  echo finishing...
else
  echo invalid operation.
  exit
fi