macmladen · February 17, 2016 21:53 · macmladen · Jan 29, 2015
diff --git a/no-ghost.sh b/no-ghost.sh
 #!/bin/bash
 #
 # Usage:
 # Just copy the following line to your terminal and it will autostart and
 # remove itself afterwards
 #
 #   wget -q https://gist.github.com/macmladen/1c5a6fdc57bf184b24d6/raw/no-ghost.sh ; bash no-ghost.sh
 #
 # Author: MacMladen @MacMladen ([email protected])
 # 2015.01.28
 #
 # Description:
 # This script that will check your system for GHOST vulerability and act upon.
 # The code is tailored for Debian and CentOS and need developer tools  to
 # compile binaries, although, without binary it can also let you update.
 #
 # It will selfdestruct and clean behind.
 #
 # 'Dave' is used as homage to Stanley Kubrick 2001: A Space Odyssey, enigmatic
 # adaptation of a short story by revered sci-fi author Arthur C. Clarke.
 # When Dr. Dave Bowman (Keir Dullea) and other astronauts are sent on a
 # mysterious mission, their ship's computer system, HAL, begins...
 # http://en.wikipedia.org/wiki/2001:_A_Space_Odyssey_(film)
 #
 # Reference:
 # Qualys blog https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
 # CentOS blog https://www.centosblog.com/critical-glibc-remote-vulnerability-exploit-ghost-patch-glibc-now/
 #
 # Version of glibc that is safe:
 #
 #     Ubuntu 12.04 LTS:   2.15-0ubuntu10.10
 #     Ubuntu 10.04 LTS:   2.11.1-0ubuntu7.20
 #     Debian 7 LTS:       2.13-38+deb7u7
 #     CentOS :            2.18

 # Check OS, we are not dealing with non Debian, Ubuntu, CentOS distros
 if ! $(command -v lsb_release > /dev/null) ; then
  # lsb tools may not be included on slim systems, lets try direct
  MY_OS=$(cat /proc/version)
  case "$MY_OS" in
    *centos*) MY_DB="CentOS" ;;
    *debian*) MY_DB="Debian" ;;
    *ubuntu*) MY_DB="Ubuntu" ;;
    *) echo "
 This is not Linux probably, surely not a Debian, Ubuntu or Centos.
 It could be:
  `uname -a`

 I'm sorry Dave, I'm afraid I can't fix this.
 "
    rm $0
    exit 1
  esac
 else
  # so let's see what do we have here
  MY_OS=$(lsb_release -sd)  # Description
  MY_DB=$(lsb_release -si)  # Vendor
 fi

 echo "Operating system is: $MY_DB
  $MY_OS (`arch`)"

 if ! $(command -v ldd > /dev/null) ; then
  echo "No dev tools perhaps? No problem, we'll try to detect if there is a security hole anyway."
 else
  # Library version check
  echo "
  Library version is:
  "
  ldd --version
 fi

 # Code that checks, builds executable
 echo "
 Creating binary to check..."
 if [[ ! -f "./CVE-2015-0235" ]] ; then
  wget -q https://gist.githubusercontent.com/koelling/ef9b2b9d0be6d6dbab63/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c && gcc gistfile1.c -o CVE-2015-0235
 fi

 # Check, displays VULNERABLE or Not vulnerable
 if [[ ! -f "./CVE-2015-0235" ]] ; then
  echo "Binary check could not be built and performed, but you may still choose to update"
  rm gistfile1.c
 else
  GHOST=$(./CVE-2015-0235)
  rm gistfile1.c CVE-2015-0235
  if [[ $GHOST == "not vulnerable" ]]; then
    echo -e "I (seem) to be \e[7m\e[1m\e[32m safe \e[0m from GHOSTs :D"
    rm $0
    exit 0
  else
    echo -e "Oh no, I am \e[7m\e[5m\e[1m\e[31m vulnerable \e[0m to GHOST attack! You should let me heal myself."
  fi
 fi

 # OK, so we (may) need to fix this
 echo -n "Should I update? [Y/n] "
 read UPDT
 case "$UPDT" in
  [yY] | "" )
    echo "Updating..."
    case "$MY_DB" in
      CentOS)
        # Centos fix
        sudo yum clean all && sudo yum update "glibc*"
        # Reboot and let be rebooted
        rm $0 ; reboot ; exit
          ;;
      Ubuntu | Debian)
        # Debian fix
        sudo apt-get update && sudo apt-get dist-upgrade
        # Reboot and let be rebooted
        rm $0 ; reboot ; exit
        ;;
      *) echo "
 Beats me, which OS is this?
 It could be
  `uname -a`

 I'm sorry Dave, I'm afraid I can't help you."
        rm $0 ;;
    esac
    ;;
  *) echo "OK, I will not do it."
 esac
	#!/bin/bash
	#
	# Usage:
	# Just copy the following line to your terminal and it will autostart and
	# remove itself afterwards
	#
	# wget -q https://gist.github.com/macmladen/1c5a6fdc57bf184b24d6/raw/no-ghost.sh ; bash no-ghost.sh
	#
	# Author: MacMladen @MacMladen ([email protected])
	# 2015.01.28
	#
	# Description:
	# This script that will check your system for GHOST vulerability and act upon.
	# The code is tailored for Debian and CentOS and need developer tools to
	# compile binaries, although, without binary it can also let you update.
	#
	# It will selfdestruct and clean behind.
	#
	# 'Dave' is used as homage to Stanley Kubrick 2001: A Space Odyssey, enigmatic
	# adaptation of a short story by revered sci-fi author Arthur C. Clarke.
	# When Dr. Dave Bowman (Keir Dullea) and other astronauts are sent on a
	# mysterious mission, their ship's computer system, HAL, begins...
	# http://en.wikipedia.org/wiki/2001:_A_Space_Odyssey_(film)
	#
	# Reference:
	# Qualys blog https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
	# CentOS blog https://www.centosblog.com/critical-glibc-remote-vulnerability-exploit-ghost-patch-glibc-now/
	#
	# Version of glibc that is safe:
	#
	# Ubuntu 12.04 LTS: 2.15-0ubuntu10.10
	# Ubuntu 10.04 LTS: 2.11.1-0ubuntu7.20
	# Debian 7 LTS: 2.13-38+deb7u7
	# CentOS : 2.18

	# Check OS, we are not dealing with non Debian, Ubuntu, CentOS distros
	if ! $(command -v lsb_release > /dev/null) ; then
	# lsb tools may not be included on slim systems, lets try direct
	MY_OS=$(cat /proc/version)
	case "$MY_OS" in
	centos) MY_DB="CentOS" ;;
	debian) MY_DB="Debian" ;;
	ubuntu) MY_DB="Ubuntu" ;;
	*) echo "
	This is not Linux probably, surely not a Debian, Ubuntu or Centos.
	It could be:
	`uname -a`

	I'm sorry Dave, I'm afraid I can't fix this.
	"
	rm $0
	exit 1
	esac
	else
	# so let's see what do we have here
	MY_OS=$(lsb_release -sd) # Description
	MY_DB=$(lsb_release -si) # Vendor
	fi

	echo "Operating system is: $MY_DB
	$MY_OS (`arch`)"

	if ! $(command -v ldd > /dev/null) ; then
	echo "No dev tools perhaps? No problem, we'll try to detect if there is a security hole anyway."
	else
	# Library version check
	echo "
	Library version is:
	"
	ldd --version
	fi

	# Code that checks, builds executable
	echo "
	Creating binary to check..."
	if [[ ! -f "./CVE-2015-0235" ]] ; then
	wget -q https://gist.githubusercontent.com/koelling/ef9b2b9d0be6d6dbab63/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c && gcc gistfile1.c -o CVE-2015-0235
	fi

	# Check, displays VULNERABLE or Not vulnerable
	if [[ ! -f "./CVE-2015-0235" ]] ; then
	echo "Binary check could not be built and performed, but you may still choose to update"
	rm gistfile1.c
	else
	GHOST=$(./CVE-2015-0235)
	rm gistfile1.c CVE-2015-0235
	if [[ $GHOST == "not vulnerable" ]]; then
	echo -e "I (seem) to be \e[7m\e[1m\e[32m safe \e[0m from GHOSTs :D"
	rm $0
	exit 0
	else
	echo -e "Oh no, I am \e[7m\e[5m\e[1m\e[31m vulnerable \e[0m to GHOST attack! You should let me heal myself."
	fi
	fi

	# OK, so we (may) need to fix this
	echo -n "Should I update? [Y/n] "
	read UPDT
	case "$UPDT" in
	[yY] \| "" )
	echo "Updating..."
	case "$MY_DB" in
	CentOS)
	# Centos fix
	sudo yum clean all && sudo yum update "glibc*"
	# Reboot and let be rebooted
	rm $0 ; reboot ; exit
	;;
	Ubuntu \| Debian)
	# Debian fix
	sudo apt-get update && sudo apt-get dist-upgrade
	# Reboot and let be rebooted
	rm $0 ; reboot ; exit
	;;
	*) echo "
	Beats me, which OS is this?
	It could be
	`uname -a`

	I'm sorry Dave, I'm afraid I can't help you."
	rm $0 ;;
	esac
	;;
	*) echo "OK, I will not do it."
	esac