This question already has an answer here:
I am having problems understanding the following code, which is the Shell Shock 'proof of vulnerability' code.
Can someone explain it to me? Specially, this part "() { :;};"
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
what env does?
From the docs, env runs programs in modified environment
env [OPTION]... [-] [NAME=VALUE]... [COMMAND [ARG]...]
it clear that x is a name/variable and () { :;}; echo vulnerable' is the value fo the variable
now what is () { :;};?
when a function is exported, bash stores its defenition as value to the environment variable
$ x() {echo hello world;}
$ export x
$ env | grep x
x=() {echo hello world};
now when x='() {:;}' means similar as writing
$ x() {:;}
$ export x
$ env | grep x
That is we indirectly made export x onto the new environmnet created by the env
Here : is a null statement in bash
Hope it helps
来源:https://stackoverflow.com/questions/26052116/can-someone-explain-the-shell-shock-bash-code