Archive for the ‘Security’ Category

sudo apt update
sudo apt install cmake build-essential
sudo apt install checkinstall git
sudo apt remove hashcat
sudo rm -rf hashcat/
git clone
cd hashcat
git submodule update --init
sudo make
sudo checkinstall
hashcat --version
# hashcat version should be v3.5.0 or newer
#compile and install newest version of openssl in Ubuntu 14.04 LTS
sudo DEBIAN_FRONTEND=noninteractive apt-get update
sudo DEBIAN_FRONTEND=noninteractive apt-get --yes --force-yes install checkinstall build-essential
sudo DEBIAN_FRONTEND=noninteractive apt-get --yes --force-yes build-dep openssl
sudo rm -rf ~/openssl
git clone
cd openssl
sudo ./config
sudo make
sudo make test
sudo checkinstall
sudo rm -rf ~/openssl
sudo mv /usr/bin/c_rehash /usr/bin/c_rehashBACKUP
sudo mv /usr/bin/openssl /usr/bin/opensslBACKUP
sudo ln -s /usr/local/bin/c_rehash /usr/bin/c_rehash
sudo ln -s /usr/local/bin/openssl /usr/bin/openssl
openssl version
apt-cache show openssl

Dear Mac OS X and GNU/Linux users,

It is highly recommended to update the bash shell program to protect against the Shellshock vulnerability.

Update on October 8, 2014: working patch for vulnerability CVE-2014-6277 for Ubuntu 14.04 LTS users is now available via a PPA repository (ppa:ubuntu-security-proposed/ppa).

More info here:

I presume this will also affect home routers running a modified version of GNU/Linux, if the router has bash installed…

Stock Android users are unaffected (for the time being), because the stock version of Android uses mksh instead of bash according to this link:

Non-jailbroken iPhones/iPads and non-rooted Android devices are not vulnerable to Shellshock.

However, jailbroken Android devices running Cydia or Cyanogen may have a vulnerable version of bash installed!

Ubuntu 14.04 LTS users:

Here is the code to run in a Terminal to see if your installed version of bash is vulnerable or not:

wget ; bash


Example of Terminal output:

$ sudo add-apt-repository ppa:ubuntu-security-proposed/ppa

$ sudo apt-get update

$ sudo apt-get dist-upgrade

Fetched 1,531 kB in 10s (152 kB/s)

The following packages will be upgraded:
1 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 576 kB of archives. After unpacking 0 B will be used.
Do you want to continue? [Y/n/?]
Get: 1 trusty/main bash amd64 4.3-7ubuntu1.5 [576 kB]
Fetched 576 kB in 0s (980 kB/s)
(Reading database … 331726 files and directories currently installed.)
Preparing to unpack …/bash_4.3-7ubuntu1.5_amd64.deb …
Unpacking bash (4.3-7ubuntu1.5) over (4.3-7ubuntu1.4) …
Processing triggers for man-db ( …
Processing triggers for menu (2.1.46ubuntu1) …
Processing triggers for install-info (5.2.0.dfsg.1-2) …
Setting up bash (4.3-7ubuntu1.5) …
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode
Processing triggers for menu (2.1.46ubuntu1) …

Current status: 0 updates [-1].
$ wget ; bash
–2014-10-08 09:30:50–
Resolving (…,, 2400:cb00:2048:1::a29f:f3ab, …
Connecting to (||:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 2533 (2.5K) [application/octet-stream]
Saving to: ‘’

100%[=================================================================================================================================================================>] 2,533 –.-K/s in 0s

2014-10-08 09:30:51 (177 MB/s) – ‘’ saved [2533/2533]

CVE-2014-6271 (original shellshock): not vulnerable
CVE-2014-6277 (segfault): not vulnerable
CVE-2014-6278 (Florian’s patch): not vulnerable
CVE-2014-7169 (taviso bug): not vulnerable
CVE-2014-7186 (redir_stack bug): not vulnerable
CVE-2014-7187 (nested loops off by one): not vulnerable
CVE-2014-//// (exploit 3 on not vulnerable