We all know it's not a good idea to copy things in your terminal you don't really understand, for example all these nice perl
snippets that delete your home directory or do even worse things.
But what about shell snippets you do understand? Do we really need obfuscation? What about the following?
while [ $i -lt 10 ]; do
i=$(($i+1));echo "YOU SHOULD NOT JUST DO BLINDY COPY STUFF INTO YOUR TERMINAL";i=0
This was one of the neat things ascii
showed in his talk Tricks: Makes you smile
at the 25c3
I know we are all aware of the fact that c&p is not a good idea in most cases, but who hasn't copied config snippets from the net so far? We are all lazy
The problem here is that some browsers (e.g. firefox
) do not display text that is surrounded by
<span style="display:none"></span> while the string that is not displayed will be happily copied into your X11 buffer and later pasted. Interestingly opera
(I tested 9.63) only copies the visible text so its users are not vulnerable to this specific problem.
Check out the talk, it includes quite some other interesting things.
UPDATE: while the above example doesn't work in opera it seems that there is a way to defeat operas filter, check out the uname example on: http://ush.it/team/ascii/hack-tricks_253C_CCC2008/wysinwyc/howto.html
(thanks ascii for pointing that out).