Have you ever thought that an operation as simple as copying and pasting materials off your browser might be dangerous? If not, try copying and pasting the following text somewhere:
If you did not try, here's what you would have witnessed if you had pasted the text in your terminal:
That wasn't as innocent as you thought, eh? To figure out what happened, let's inspect the source of the text above:
See the boxed up area? That is the area containing the injected code. Notice, however, that the position of the text is set to some extreme negative values. This would effectively position the injected text off the screen even though (to your computer) it actually stands between the two words "Copy me".
Copy me; clear; printf "Are you convinced now? I would have had arbitrary control over your terminal if you had pasted this in your terminal\041\n\n" Copy me? :)
If you did not try, here's what you would have witnessed if you had pasted the text in your terminal:
That wasn't as innocent as you thought, eh? To figure out what happened, let's inspect the source of the text above:
See the boxed up area? That is the area containing the injected code. Notice, however, that the position of the text is set to some extreme negative values. This would effectively position the injected text off the screen even though (to your computer) it actually stands between the two words "Copy me".
Comments
Post a Comment