Rohan McLeod <[email protected]> writes: > James Harper wrote: >>> NetComm ADSL2+ Router NB6_REV2_16M >>> Software Version: 3.65p >>> And I'm in. It's a shell, but can't tell what. ps shows a 'sh' process >>> running. >> Actually: >>> ps --help >> BusyBox v1.00 (2010.01.12-11:52+0000) multi-call binary >> So... not bash. > thanks , interesting well that's a relief !
IMO this is not a reliable test. I know of at least Thecus NAS installs which ship busybox, but include bash. Such a system would show the same "I'm busybox" output when running ps in bash, since it is not a bash builtin. I don't know offhand of a reliable test. Off the top of my head, I'd suggest "echo $BASH_VERSION", which seems to be under --posix (which more-or-less correponds to invoking as argv[0] = "/bin/sh"). Probably the Right Thing would be to test for the actual vuln. _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
