|
|
|
|
|
|
by oholiab
3644 days ago
|
|
|
It's actually possible to detect the |bash part server side and send different content than if you were simply curling, wgeting or viewing in a browser. Not only does this mean that you could end up with a compromised system, but it also means that there's no artefact of what caused it left on disk. I agree with your point that running third party software is always a risk, the problem here being that you can think you've done your due diligence by reading the curl output first and then doing curl|bash, but in actuality this is not necessarily the case which is what makes curl|bash such an insidious bad habit. https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-b... |
|
|