Pastejacking

Possible solution?

Open Aaronmsv opened this issue 8 years ago • 1 comments

While pasting text in gedit can be used to verify commands, what about a bash command?

I made a bash function that shows the clipboard safely and gives you the option to execute it after reviewing. You don't need to open any other programs like gedit (which also prevents vim scripts), and it can be used on servers (SSH) without a GUI.

It needs xclip to be installed. cat is used to display the clipboard and will also show special characters. (pp is for paste protection and it types fast)

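function pp {
    # read the clipboard once, so the text shown is exactly the text executed
    local clip execute
    clip="$(xclip -o)"
    # cat -A makes control characters and line ends visible
    printf '%s\n' "$clip" | cat -A
    echo -ne "\nExecute? (y/n): "
    read -r execute
    # only execute when 'y' was answered
    # all other input is ignored
    if [[ $execute == "y" ]]; then
        eval "$clip"
    fi
}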

Example from the demo:

aaron@aaron-pc:~$ pp
echo "evil"$

Execute? (y/n): n
aaron@aaron-pc:~$
aaron@aaron-pc:~$ pp
echo "evil"$

Execute? (y/n): y
evil
aaron@aaron-pc:~$ 

Aaronmsv avatar May 28 '16 11:05 Aaronmsv

Also see https://github.com/Aaronmsv/PastejackingProtection

Aaronmsv avatar May 28 '16 12:05 Aaronmsv
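
The pp function above relies on the reader spotting special characters in the `cat -A` output. As an added example (not part of the original post or the linked project), the check below flags them automatically; `pp_check` and its finding labels are hypothetical names, and the sample inputs in the usage comment are constructed.

```bash
# pp_check reads candidate clipboard text on stdin and prints one line per
# finding. Exit status: 0 = nothing flagged, 1 = flagged, 2 = could not run.
# Usage next to pp (assumes xclip, as in the post):  xclip -o | pp_check
pp_check() {
    tmp=$(mktemp) || return 2
    cat > "$tmp"              # one copy, so every check sees the same bytes
    findings=0

    # count <tr args>: bytes left after filtering the copy through tr
    count() { LC_ALL=C tr "$@" < "$tmp" | wc -c | tr -d ' '; }

    # Control bytes other than tab and newline (ESC, CR, backspace, DEL, NUL).
    # These can move the cursor or overwrite what a terminal displays.
    ctrl=$(count -d '\11\12\40-\176\200-\377')
    if [ "$ctrl" -gt 0 ]; then
        echo "control-bytes: $ctrl"
        findings=1
    fi

    # Newlines: pasted straight into a shell, a newline submits the line
    # before it without the user pressing Enter.
    nl=$(count -cd '\12')
    if [ "$nl" -gt 0 ]; then
        echo "newlines: $nl"
        findings=1
    fi

    # Bytes >= 0x80: multi-byte text, which can carry look-alike or
    # invisible characters that a quick visual review misses.
    hi=$(count -cd '\200-\377')
    if [ "$hi" -gt 0 ]; then
        echo "non-ascii-bytes: $hi"
        findings=1
    fi

    rm -f "$tmp"
    return "$findings"
}
```

A non-zero status is a prompt to read the `cat -A` rendering closely before answering `y`; it does not replace the review step.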