How To Check If Your Mac or Linux Machine Is Vulnerable to Shellshock

Copy-paste this line of text into a bash window

env x='() { :;}; echo vulnerable' bash -c 'echo hello'

If the reply comes back as:

vulnerable hello



Then your version of bash is vulnerable to shellshock. Most distributions have already pushed out a new version of bash. My Ubuntu machines updated yesterday.

If you use Cygwin, then you need to check there to. Cygwin bash 4.1.10 is definitely vulnerable, but 4.1.11 is not.

If your version of bash is not vulnerable the output will be:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'

How To Check If Your Mac or Linux Machine Is Vulnerable to Shellshock.

BASH Shell: For Loop File Names With Spaces – nixCraft

I’ve been wondering how to do this. I didn’t realise I could do this in so many different ways. Simplest way, I think:

$ ls
2013.doc externalIP.txt Introduction to Compositing in Blender.txz Ideas.odt Piano to Learn
$ for a in
ls *; do echo $a; done
$ IFS=$(echo -en “\n\b”)
$ for a in ls *; do echo $a; done
Introduction to Compositing in Blender.txz
Piano to Learn
$ for a in ls *; do echo $a; done

BASH Shell: For Loop File Names With Spaces – nixCraft.

Snippet: NTP Syncing (Windows/Linux)

Tux, the Linux penguin

English: M in blue square (similar to seen on )

A quick snippet for syncing your date and time via NTP. I have noticed that Windows and Linux do not follow the same convention by standard, and are always an hour out from each other, even though both claim to follow the same time zone. So, what I am having to do is sync via NTP each time I dual boot.

In Linux, this can be done using cron jobs or using the NTP daemon, but that does not do it frequently enough for my liking. So here is a bash snippet for it:

sudo service ntp stop
sudo ntpdate
sudo service ntp start

The first line stops the NTP daemon, since the ntpdate command does not like it when it is running (port in use). The second command uses a server in the selected list to sync with. The final line restarts the NTP daemon.

The Windows (Windows 7) equivalent is very similar. Like with linux, it has an in-built sync facility, but it again does not sync often enough for my liking. Like with the bash script, the commands must be run with elevated rights, so you must “Run as Administrator“, or run from an elevated rights command prompt, which you do as follows:

  1. Click Start, type “cmd” into the command window (do NOT use Windows+R)
  2. Hold down CTRL+SHIFT, then press ENTER
  3. You will be prompted (if you have UAC active), OK it and you will get a command prompt with “Administrator” in the title.

net stop "Windows Time"
net start "Windows Time"
w32tm /config /manualpeerlist:"" /syncfromflags:ALL /update
w32tm /resync

This code starts/restarts the Windows Time service then configures it with a pool of NTP servers, before asking the service to update itself and then resync. The resync action is what adjusts the time.

Laptops, TuxOnIce and Hibernation

I’m one of those people who hates having to shutdown machines, then restart them, and start logging into all my sites all over again, so I’m particularly thankful for hibernation functionality.

On Ubuntu (possibly Debian as well, but I haven’t checked), you can install either (or both) of the hibernate package, or the TuxOnIce-enabled kernel.

Hibernate is a script that detects whether or not you have a TOI-enabled kernel, and if you have such a kernel, it will use the TOI routines.

Hibernate worked perfectly for me, until I started using BOINC. Then, hibernation would hang with my laptop in a “limbo” state. Neither fully on, nor fully powered off. Turns out that BOINC must be either hogging the memory, or not releasing it properly. So, instead of doing

sudo hibernate

I do this

sudo service boinc-client stop
sudo hibernate -k
sudo service boinc-client start

So I stop the BOINC service (freeing up memory and CPU cycles), then I do the hibernate (allowing it to kill processes if needed), and then I startup the BOINC service again. The last line only gets executed upon resuming.

Putting a laptop into suspend or hibernate from console

Some information I found off the web:

First type:

cat /sys/power/state

If the result line contains “mem”, you can use this to suspend to RAM:
sudo pm-suspend

If the result line contains “disk”, you can also use this to suspend to disk (hibernate):
sudo pm-hibernate

If you have both results, you can use this to suspend with a hibernate backup. In other words, your system will prepare for hibernation, but only suspend, not turn off. This will use a bit of power, but means that it’s faster to resume, and if your battery runs out, it’ll use the hibernate image as backup.
sudo pm-suspend-hybrid

You can pipe the hibernation into a timed job using the at command. This will hibernate in one hour from now
echo 'pm-hibernate' | sudo at now + 60 minutes

And you can confirm the job is present:
sudo at -l
10 Wed Jan 1 12:38:00 2014 a root

Suspend/Hibernate requires root access, hence the reason I did sudo before the at command

Grive & Fedora — Working

Grive is an open source command-line-based sync tool to synchronise a directory with your Google Drive. Grive is not in the Fedora repositories, although it is undergoing review for addition into the repositories.

In the meantime, if you want to use it, I’ve written a script that should pick the latest version from the russianfedora website. Bitbucket repository is here.

Direct link to script: here

Once you install the application, create a blank folder (this will be the sync folder), then run
grive -a
to request an authentication URL. Go to that URL, log into Google if you need to, and you’ll get a response string you need to copy back into the console window. If the authentication was successful, Grive will sync your files into the folder. Each subsequent time you run Grive, it will download and/or upload files to/from your Google Drive.

There is only one limitation that I’m aware of. Documents created from within Google Drive won’t sync, but if you convert them to odt or doc files, they will sync.

Snippet: Chromium Snapshot Download (Cygwin) (Updated 3rd April)

A snippet to download and run the latest build of the Chromium browser. Meant for Cygwin/Windows but can be adapted if needed.

If you need to use a proxy, set your http_proxy and https_proxy variables before using this.

Now updated to kill running Chrome/Chromium processes before running the installer (in case of locking issues). Also created a Bitbucket repo here for this script

if [ -f ./mini_installer.exe ]; then
  echo "WARNING: Previous script run did not clean up"
  rm ./mini_installer.exe

if [ ! -f prev ]; then
  echo "No previous build logged"
  echo "-1" >prev

if [[ `wget -q -O-` == `cat prev` ]]; then
  echo "No build change (`wget -q -O-` = `cat prev`)"
  exit 1
  echo "New build (previous: `cat prev`, new: `wget -q -O-`)"
echo Downloading`wget -q -O-`/mini_installer.exe
wget`wget -q -O-`/mini_installer.exe

if [[ `ps -W | grep chrome | wc -l` != 0 ]]; then
  echo "`ps -W | grep chrome | wc -l` Chrome Processes Running. Attempting to Kill"
  for a in `ps -W | grep chrome | awk '{ print $1}'`
      echo Killing PID $a
      /bin/kill -f $a #This is the cygwin kill, not the bash kill
  echo "No Chrome Processes Running"
fiecho "Running installer"
chmod +x ./mini_installer.exe
echo Done
wget -q -O prev
echo "New build recorded (`cat prev`)"
rm ./mini_installer.exe
%d bloggers like this: