A lot of people are apparently happily running a script clearly marked as a root exploit from some random website using curl | bash :blobsweat:
Some do inspect the script, but then still run it using curl | bash anyway. :thaenkin:
Incidentally, this very relevant blogpost about detecting curl | bash and serving different scripts based on that is almost exactly a decade old:
https://web.archive.org/web/20230318063325/https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/
#CopyFail #InfoSec
Some do inspect the script, but then still run it using curl | bash anyway. :thaenkin:
Incidentally, this very relevant blogpost about detecting curl | bash and serving different scripts based on that is almost exactly a decade old:
https://web.archive.org/web/20230318063325/https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/
#CopyFail #InfoSec
1
