551
you are viewing a single comment's thread
view the rest of the comments
[-] Black616Angel@feddit.de 9 points 10 months ago

Now what most people don't know is that websites can insert arbitrary text when you copy stuff of them. A malicious site will abuse that.

It works like that:

You follow a tutorial online or search for a code snippet. You copy some code/said snippet and paste it into a terminal or the browser command line. This copied text is altered by the site to be a one line command to install malware or grab passwords or cookies. All of that is followed by a line break and maybe your real command to lower suspicion.

Some of the terminal or browser shells interpret a line break in the copied text as enter which then executes the command.

To prevent that, get a shell, that doesn't just execute what you paste (fish shell) or a terminal program, that warns you about line breaks (Moba xterm).
And please check text from unknown sites before pasting it into a program that may execute it right away. (Just paste it into a text editor or look at your clipboard manager like Win+V in windows)

[-] brbposting@sh.itjust.works 2 points 9 months ago

Great info. Thank you!

this post was submitted on 12 Feb 2024
551 points (99.3% liked)

Mildly Interesting

17350 readers
10 users here now

This is for strictly mildly interesting material. If it's too interesting, it doesn't belong. If it's not interesting, it doesn't belong.

This is obviously an objective criteria, so the mods are always right. Or maybe mildly right? Ahh.. what do we know?

Just post some stuff and don't spam.

founded 2 years ago
MODERATORS