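The GHOST vulnerability surfaced a while ago. I fixed it promptly by upgrading glibc, but had no time to write it up. Here is a brief write-up, which I hope is useful.
Intranet servers cannot reach the public network, so yum update glibc or rpm -Uvh glibc* cannot be used directly. My approach is to download the glibc-related packages that match the server's operating system version to a local machine, upload them to a file server, and then upgrade from there.
glibc download address: http://pkgs.org/download/glibc
GHOST vulnerability check script (or download the attachment):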
[[email protected] opt]# vim ghost.c
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <gnu/libc-version.h>

#define CANARY "in_the_coal_mine"

/* The canary sits directly after the buffer handed to gethostbyname_r(). */
struct {
    char buffer[1024];
    char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };

int main(void) {
    struct hostent resbuf;
    struct hostent *result;
    int herrno;
    int retval;

    /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
    size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
    char name[sizeof(temp.buffer)];
    memset(name, '0', len);
    name[len] = '\0';

    retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);

    /* A changed canary means the call wrote past the end of temp.buffer. */
    if (strcmp(temp.canary, CANARY) != 0) {
        puts("vulnerable");
        exit(EXIT_SUCCESS);
    }
    /* A fixed glibc rejects the undersized buffer with ERANGE instead. */
    if (retval == ERANGE) {
        puts("not vulnerable");
        exit(EXIT_SUCCESS);
    }
    puts("should not happen");
    exit(EXIT_FAILURE);
}
:wq ## save and quit
[[email protected] opt]# chmod +x ghost.c
[[email protected] opt]# gcc ghost.c -o ghost
[[email protected] opt]# ls
ghost ghost.c nfs7 rh
[[email protected] opt]# ./ghost
vulnerable ## meaning: the system is open to attack and glibc needs to be upgraded
[[email protected] opt]# rpm -Uvh /opt/nfs7/glibc/glibc*
Preparing... ########################################### [100%]
1:glibc-common ########################################### [ 25%]
2:glibc ########################################### [ 50%]
3:glibc-headers ########################################### [ 75%]
4:glibc-devel ########################################### [100%]
[[email protected] opt]# ./ghost
not vulnerable
[[email protected] opt]#
Problem encountered during the upgrade:
[[email protected] ~]# rpm -Uvh /opt/nfs7/glibc/glibc*
error: Failed dependencies:
libfreebl3.so is needed by glibc-2.12-1.149.el6_6.5.i686
libfreebl3.so(NSSRAWHASH_3.12.3) is needed by glibc-2.12-1.149.el6_6.5.i686
Solution:
[[email protected] ~]# yum install /mnt/Packages/nss-softokn-freebl-3.14.3-9.el6.i686.rpm
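The ./ghost re-check above only exercises a newly started process; daemons that were already running before the rpm -Uvh step keep the old glibc mapped until they are restarted. The shell function below is an added example (not part of the original post) that lists such processes by looking for a libc mapping marked "(deleted)" in /proc/PID/maps. The function name stale_libc_pids and its optional proc-root argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Lists "PID NAME" for every process that still maps a libc file which has
# since been replaced on disk (the kernel marks such mappings "(deleted)").
#
# Argument 1 (hypothetical, for testing): directory to scan instead of /proc,
# so the function can be run against a constructed tree.

stale_libc_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip unreadable entries (process exited, or insufficient rights).
        [ -r "$maps" ] || continue
        # Matches e.g. "/lib/libc-2.12.so (deleted)" or "/lib64/libc.so.6 (deleted)",
        # but not other libraries such as libcap or libcrypto.
        if grep -Eq '/libc[-.][^ /]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid_dir=${maps%/maps}
            pid=${pid_dir##*/}
            name=$(cat "$pid_dir/comm" 2>/dev/null || echo '?')
            printf '%s %s\n' "$pid" "$name"
        fi
    done
}

# On a live host, run as root after the upgrade:
#   stale_libc_pids
# Every process it prints should be restarted (or the host rebooted) before
# the fix can be considered fully applied.
```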