Test your server for the Shellshock vulnerability

After patching your server, run the following tests to make sure your server is safe from the Shellshock vulnerability.

Note: These tests work on all versions of Linux.

  1. Run the following command:
    cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo
    A correctly-patched server will return:
    date cat: /tmp/echo: No such file or directory
  2. Run the following command:
    env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"

    Clean servers' responses will vary depending on the BASH version, but you should see test near the the bottom of the output.

    Vulnerable servers' response will be vulnerable.

Warning: Your server must pass both tests to be considered safe from the bash vulnerability.

Was dit artikel nuttig?
Thanks for your feedback. To speak with a customer service representative, please use the support phone number or chat option above.
Fijn dat we konden helpen! Kunnen we nog iets voor je doen?
Dat spijt ons. Tell us what was confusing or why the solution didn’t solve your problem.