Is this bash command vulnerable to code injection?

I’m wondering if the following code is vulnerable to command injection in bash :

sumo /bin/netflash -Uk $  CONTROLED_OPTION 2>&1 

I’m thinking since it’s not included in ” ” it should be vulnerable but I’m not sure since I can’t make the command injection work, I tried $ () `` | && ||  but nothing is working.

or do I need the command to be inside a eval to be vulnerable ?

Thanks

For creating tools, Bash, Perl or Python? Which should I invest my time in to?

Having trouble choosing between the three, I would of course love to learn all three in the future, but right now I’m curious as to which language would be the most beneficial to me.

Also, I’m aware that different tools might be more useful in certain scenarios, in this case, I just want to learn the language that suits best for creating Ethical hacking tools, and which language would be the easiest to master?

Error while running shell script inside ubuntu VM: -bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory

I have 3 shell script files placed inside vagrant directory like so: files placement screenshot

This is the install.sh file:

#!/bin/bash  echo "Launching instances with the following parameters:" echo "" echo "Machine Image ID: $  1" echo "Number of Instances: $  2" echo "Instance Type: $  3" echo "Key Pair Name: $  4" echo "Security Group ID: $  5"  aws ec2 run-instances --image-id $  1 --count $  2 --instance-type $  3 --key-name $  4 --user-data file://install-env.sh --security-group-ids $  5 

This is the install-env.sh file:

#!/bin/bash  sudo apt-get -y update sudo apt-get -y install apache2 php php-gd mysql-server  sudo systemctl enable apache2 sudo systemctl start apache2  

I have another destroy.sh file but it’s not related to this error as of now. This is the command I am trying to execute after I ssh into ubuntu VM (I replaced the ami & sg numbers with * for posting it here):

vagrant@ubuntu-bionic:/vagrant$   ./install.sh ami-*************** 1 t2.micro key-name sg-************** 

This is the error that I am getting:

-bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory 

The same command works fine if I have those shell script inside home directory, (which I am not able to see on the UI) and I run the command without navigating to vagrant directory like so:

vagrant@ubuntu-bionic:$   ./install.sh ami-********** 1 t2.micro key-name sg-************** 

Why does it not work if I place the files inside vagrant directory? I want to place it here so that I can make changes in one place and push/pull to/from github, instead of having to copy-paste my changes and then push to github everytime.

Please guide me through the placement of shell script files and the directory navigation on cmd prompt.

Error while running shell script inside ubuntu VM: -bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory

I have 3 shell script files placed inside vagrant directory like so: files placement screenshot

This is the install.sh file:

#!/bin/bash  echo "Launching instances with the following parameters:" echo "" echo "Machine Image ID: $  1" echo "Number of Instances: $  2" echo "Instance Type: $  3" echo "Key Pair Name: $  4" echo "Security Group ID: $  5"  aws ec2 run-instances --image-id $  1 --count $  2 --instance-type $  3 --key-name $  4 --user-data file://install-env.sh --security-group-ids $  5 

This is the install-env.sh file:

#!/bin/bash  sudo apt-get -y update sudo apt-get -y install apache2 php php-gd mysql-server  sudo systemctl enable apache2 sudo systemctl start apache2  

I have another destroy.sh file but it’s not related to this error as of now. This is the command I am trying to execute after I ssh into ubuntu VM (I replaced the ami & sg numbers with * for posting it here):

vagrant@ubuntu-bionic:/vagrant$   ./install.sh ami-*************** 1 t2.micro key-name sg-************** 

This is the error that I am getting:

-bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory 

The same command works fine if I have those shell script inside home directory, (which I am not able to see on the UI) and I run the command without navigating to vagrant directory like so:

vagrant@ubuntu-bionic:$   ./install.sh ami-********** 1 t2.micro key-name sg-************** 

Why does it not work if I place the files inside vagrant directory? I want to place it here so that I can make changes in one place and push/pull to/from github, instead of having to copy-paste my changes and then push to github everytime.

Please guide me through the placement of shell script files and the directory navigation on cmd prompt.

Error while running shell script inside ubuntu VM: -bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory

I have 3 shell script files placed inside vagrant directory like so: files placement screenshot

This is the install.sh file:

#!/bin/bash  echo "Launching instances with the following parameters:" echo "" echo "Machine Image ID: $  1" echo "Number of Instances: $  2" echo "Instance Type: $  3" echo "Key Pair Name: $  4" echo "Security Group ID: $  5"  aws ec2 run-instances --image-id $  1 --count $  2 --instance-type $  3 --key-name $  4 --user-data file://install-env.sh --security-group-ids $  5 

This is the install-env.sh file:

#!/bin/bash  sudo apt-get -y update sudo apt-get -y install apache2 php php-gd mysql-server  sudo systemctl enable apache2 sudo systemctl start apache2  

I have another destroy.sh file but it’s not related to this error as of now. This is the command I am trying to execute after I ssh into ubuntu VM (I replaced the ami & sg numbers with * for posting it here):

vagrant@ubuntu-bionic:/vagrant$   ./install.sh ami-*************** 1 t2.micro key-name sg-************** 

This is the error that I am getting:

-bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory 

The same command works fine if I have those shell script inside home directory, (which I am not able to see on the UI) and I run the command without navigating to vagrant directory like so:

vagrant@ubuntu-bionic:$   ./install.sh ami-********** 1 t2.micro key-name sg-************** 

Why does it not work if I place the files inside vagrant directory? I want to place it here so that I can make changes in one place and push/pull to/from github, instead of having to copy-paste my changes and then push to github everytime.

Please guide me through the placement of shell script files and the directory navigation on cmd prompt.

Error while running shell script inside ubuntu VM: -bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory

I have 3 shell script files placed inside vagrant directory like so: files placement screenshot

This is the install.sh file:

#!/bin/bash  echo "Launching instances with the following parameters:" echo "" echo "Machine Image ID: $  1" echo "Number of Instances: $  2" echo "Instance Type: $  3" echo "Key Pair Name: $  4" echo "Security Group ID: $  5"  aws ec2 run-instances --image-id $  1 --count $  2 --instance-type $  3 --key-name $  4 --user-data file://install-env.sh --security-group-ids $  5 

This is the install-env.sh file:

#!/bin/bash  sudo apt-get -y update sudo apt-get -y install apache2 php php-gd mysql-server  sudo systemctl enable apache2 sudo systemctl start apache2  

I have another destroy.sh file but it’s not related to this error as of now. This is the command I am trying to execute after I ssh into ubuntu VM (I replaced the ami & sg numbers with * for posting it here):

vagrant@ubuntu-bionic:/vagrant$   ./install.sh ami-*************** 1 t2.micro key-name sg-************** 

This is the error that I am getting:

-bash: ./install.sh: /bin/bash^M: bad interpreter: No such file or directory 

The same command works fine if I have those shell script inside home directory, (which I am not able to see on the UI) and I run the command without navigating to vagrant directory like so:

vagrant@ubuntu-bionic:$   ./install.sh ami-********** 1 t2.micro key-name sg-************** 

Why does it not work if I place the files inside vagrant directory? I want to place it here so that I can make changes in one place and push/pull to/from github, instead of having to copy-paste my changes and then push to github everytime.

Please guide me through the placement of shell script files and the directory navigation on cmd prompt.

ayuda!! como puedo insertar una cadena de numeros en una linea de archivo bash?

el comando sed, me ayuda a sustituir muy bien cadenas en lineas de bash, pero cuando quiero insertar la siguiente cadena 127.0.0.1/32 en un archivo tengo el siguiente error : sed: -e expresion #1,caracter 18:opcion desconocida para `s'. inclusive cuando quiero sustituir la cadena 127.0.0.1 sustituye bien, el problema es cuando le añado la cadena /32 parece que sed tiene un problema, a continuacion el codigo.

#! /bin/bash  var1="127.0.0.1" var1=$  var1"/32"  #como resultado en la variable var1 tengo ya "127.0.0.1/32" #ahora...  sed -i "7s/ /$  var1/" archivo.txt  

agradesco mucho su ayuda…

Bash File Unable to locate package when new line is added

When building a bash file to execute I keep getting an error after adding a new line. I have tried moving some lines around or removing some of the packages but it will results in the same error. In the file if I was to remove 3 and 4 it there will no longer be an error.

E: Unable to locate package <package> 

The bash file looks like this

#!/usr/bin/env bash sudo apt update && sudo apt install -y python3-pip build-essential python3-dev python3-setuptools gcc sshpass sudo apt-get install apt-transport-https lsb-release software-properties-common dirmngr sudo apt-get update 

The output with the error

Hit:1 http://us.archive.ubuntu.com/ubuntu bionic InRelease Get:2 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]                                                   Hit:3 http://archive.ubuntu.com/ubuntu bionic InRelease                                             Get:4 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]         Get:5 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]                                       Fetched 252 kB in 1s (189 kB/s)     Reading package lists... Done Building dependency tree        Reading state information... Done All packages are up to date. Reading package lists... Done Building dependency tree        Reading state information... Done E: Unable to locate package sshpass Reading package lists... Done Building dependency tree        Reading state information... Done E: Unable to locate package dirmngr Hit:1 http://us.archive.ubuntu.com/ubuntu bionic InRelease Get:2 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]                                                   Hit:3 http://archive.ubuntu.com/ubuntu bionic InRelease                                             Get:4 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]         Get:5 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]                                       Fetched 252 kB in 1s (209 kB/s)     Reading package lists... Done