Copy/Paste and You

This is taken from an article which I originally found on thejh.net. I’ve cleaned it up and shared it here to make sure my own documents are able to reference it.

Here’s the deal. You want to clone someone’s GitHub and you think you found the command; it looks like this:

git clone /dev/null; clear; echo -n “Hello “;whoami|tr -d ‘\n’;echo -e ‘!\nThat was a bad idea. Don'”‘”‘t copy code from websites you don'”‘”‘t trust!
Here'”‘”‘s the first line of your /etc/passwd: ‘;head -n1 /etc/passwd
git clone
git://git.kernel.org/pub/scm/utils/kup/kup.git

Try running this command in your terminal. It’s supposed to be harmless, right? It is harmless, yes, but what happens still isn’t what you’d expect and demonstrates the dangers in doing stuff like that. Select it with your mouse, copy it somehow (e.g. using CTRL+C) and paste it into a terminal. What happens?

There are some good comments and suggestions on how you can mitigate this kind of attack on Reddit and Hacker News. Have a read if you have time.

So, the Internet is scary. Be informed, be careful. Most of all, be ready for anything.