Pastejacking icon indicating copy to clipboard operation
Pastejacking copied to clipboard

Published 20 hours ago verified publisher icon dxa4481

Easier solution: Just type it in

Open majewsky opened this issue 8 years ago • 7 comments

Instead of copy-pasting.

majewsky avatar May 24 '16 11:05 majewsky

kebod boken, can't tpe

hakudev avatar May 24 '16 14:05 hakudev

Works for some but not all cases. Look at instructions for installing rvm...

gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
\curl -sSL https://get.rvm.io | bash -s stable

I certainly don't want to take the time to type something like this in.

gregpardo avatar May 24 '16 19:05 gregpardo

@gregpardo in your case I will usually take the time to type the command and copy and paste just the long unpronounceable sections. This might help protect me, or not, I haven't yet tested it.

Also, typing out the commands helps me remember them for later. So, usually whatever time lost by typing is made up the next time when I'm already familiar with the command.

illpro avatar May 24 '16 21:05 illpro

Oh I agree with the suggestion of typing commands in. I usually do it as well. It's just not really an 'Easier solution' more of a 'good practice' where applicable.

gregpardo avatar May 25 '16 13:05 gregpardo

or preview it before actually pasting it in?

bgrgndz avatar May 25 '16 18:05 bgrgndz

@macguru2000 That won't help protect you

Payload:

\n\r
echo "evil"\n\r

If you type echo and then paste, this is what happens:

> echo
< ERROR! (not really, but for another command, maybe)
> echo "evil"
< evil

At least, I think so

joker314 avatar Jul 17 '18 13:07 joker314

Sure enough @joker314

illpro avatar Jul 31 '18 22:07 illpro