Security Hub

Bring your software development workflows to security

Shellshock

Signals & Triggers

On shell command
If the application tries to run a shell command using Shellshock

Actions

  • Block the HTTP request
  • Log request stack trace
  • Log the malicious request
  • Report an incident

Notifications

  • Send an email to all team members
  • Send a Slack notification
  • POST to your Webhook
  • Send to New Relic Insights
  • Create an incident on PagerDuty (coming soon)

Details

Shellshock (also known as Bashdoor) is a security vulnerability in the widely used UNIX Bash shell. Many Internet-facing services, such as web servers, rely on Bash to process requests, which allows an attacker to execute arbitrary commands on vulnerable versions of Bash. Shellshock allows an attacker to gain unauthorized access to a server.

Advanced details

When the application executes a shell command, Sqreen checks the environment variables. If one of them appears to be a code injection attack (e.g. () { :;}; cat /etc/passwd), this plugin will trigger.
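One way to implement the check described above, as an added example in Python; it is not Sqreen's code. The names find_function_like_vars, run_checked and ShellshockAttempt are hypothetical, and the sample environment is constructed around the payload quoted above.

```python
import os
import re
import subprocess
import sys

# A value that starts like a Bash function definition, e.g. "() { :;}; ...".
# Extra whitespace is tolerated as a conservative choice (an assumption).
FUNC_DEF_PREFIX = re.compile(r"^\s*\(\s*\)\s*\{")


class ShellshockAttempt(Exception):
    """Raised when an environment value looks like an injected function."""

    def __init__(self, findings):
        self.findings = findings  # list of (name, value) pairs
        names = ", ".join(name for name, _ in findings)
        super().__init__(f"function-like environment value in: {names}")


def find_function_like_vars(env):
    """Return sorted (name, value) pairs whose value begins like '() {'."""
    return sorted((k, v) for k, v in env.items() if FUNC_DEF_PREFIX.match(v))


def run_checked(argv, env=None):
    """Inspect the environment, then run argv only if nothing is flagged."""
    env = dict(os.environ if env is None else env)
    findings = find_function_like_vars(env)
    if findings:
        raise ShellshockAttempt(findings)  # block before any process starts
    return subprocess.run(argv, env=env, capture_output=True, text=True)


# Constructed sample: a CGI-style environment in which a request header was
# copied into HTTP_USER_AGENT, using the payload quoted on this page.
SAMPLE_ENV = {
    "PATH": "/usr/bin:/bin",
    "HTTP_ACCEPT": "text/html",
    "HTTP_USER_AGENT": "() { :;}; cat /etc/passwd",
    "HTTP_REFERER": "see () { in docs",  # "() {" not at the start: not flagged
}

if __name__ == "__main__":
    try:
        run_checked([sys.executable, "-c", "print('ok')"], env=SAMPLE_ENV)
    except ShellshockAttempt as exc:
        print("blocked:", exc.findings)
```

The exception carries the name and value of each flagged variable, matching what the page lists as collected on attack.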

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen

Signals

No data collected


On attack
  • Name and value of the malicious environment variable.
  • Stack trace

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

Node.js

$ npm install --save sqreen
$ echo '{ "token": "your token" }' > sqreen.json

// This should be the first line of your app
require('sqreen');

Ruby

$ echo "gem 'sqreen'" >> Gemfile
$ bundle install
$ echo "token: your token" > config/sqreen.yml

PHP

$ curl -s https://download.sqreen.io/php/install.sh > sqreen-install.sh && bash sqreen-install.sh your token

Python

$ pip install sqreen
$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

# Insert at the top of your app file (typically wsgi.py or app.py)
import sqreen
sqreen.start()

Java

$ curl https://download.sqreen.io/java/sqreen-latest-all.jar -o sqreen.jar

// Add JVM startup options:
-javaagent:/path/to/sqreen.jar -Dsqreen.token={{your token}}
