Full Disclosure: Re: bash vulnerability?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: bash vulnerability?

From: "Andre' Breiler" <andre.breiler () null-mx org>
Date: Sat, 13 Aug 2005 10:32:58 +0000 (GMT)

Hi,

On Sat, 13 Aug 2005, Matija Vidmar wrote:



Wernfried Haas wrote:

assuming you actually meant
:(){ :|:& };: (which can be harmful if no limits are set)?


The ':()' defines a fuction ':' with a fuction body of
{
 : | : &
}

As you can see this is a recursive call as the fuction ':' is called,
it's output passed via a pipe as input to the fuction ':' and this
whole command is run in the background '&' .

The last ':' in the string (after the ';') calls the fuction and therefore
starts it all of.

What does it do?


It's a very simple fork bomb as other have said allready.
It's known for some time and usually handed to new starters as a joke.

Andre'

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

bash vulnerability? Shari Vegas (Aug 13)
- Re: bash vulnerability? Wernfried Haas (Aug 13)
  - Re: bash vulnerability? Wernfried Haas (Aug 13)
    - RE: bash vulnerability? Sean Crawford (Aug 13)
    - Re: bash vulnerability? Matija Vidmar (Aug 13)
    - Re: bash vulnerability? Andre' Breiler (Aug 13)
    - Re: bash vulnerability? fd (Aug 14)
- Re: bash vulnerability? Milan 't4c' Berger (Aug 13)
- <Possible follow-ups>
- Re: bash vulnerability? starwars (Aug 14)
- RE: bash vulnerability? Jay (Aug 15)
  - Re: bash vulnerability? Rik Bobbaers (Aug 16)