[return to "Detecting the use of "curl | bash" server-side"]
1. jamesc+01 2018-07-29 02:00:44
>>rubyn0+(OP)
This is immune to the attack:

    bash -c "$(curl -sSLf "$URL")"

The key is to download first and then run.
2. bencha+R1 2018-07-29 02:18:37
>>jamesc+01
Or better yet:

    curl -o "$FILE" "$URL"
    less "$FILE"
    bash "$FILE"

This attack only works at all if you download something and execute it immediately without looking at it.
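
Added example, not part of either comment above: a local simulation with no network, where `serve` is a constructed stand-in for a slow download. It logs when the script body has fully arrived and when bash starts executing it, for the three invocation styles in this thread. It assumes `bash`, `mktemp` and `paste` are on the PATH.

```shell
#!/bin/sh
# Constructed stand-in for a slow download: emits a two-line script with a
# pause in the middle, and notes in $LOG when the whole body has been sent.
serve() {
    printf 'echo exec-start >> "$LOG"\n'
    sleep 1
    echo stream-end >> "$LOG"
    printf 'echo exec-end >> "$LOG"\n'
}

# Consume the script in one of three ways and print the order of events.
trace() {
    LOG=$(mktemp); export LOG
    case $1 in
        pipe)  serve | bash ;;                 # curl | bash
        subst) bash -c "$(serve)" ;;           # bash -c "$(curl ...)"
        file)  f=$(mktemp); serve > "$f"       # curl -o, then bash $FILE
               bash "$f"; rm -f "$f" ;;
    esac
    paste -s -d ' ' "$LOG"
    rm -f "$LOG"
}

for mode in pipe subst file; do
    printf '%-6s %s\n' "$mode" "$(trace "$mode")"
done
```

Only the `pipe` mode logs `exec-start` before `stream-end`; in the other two, the whole body is on hand before bash runs any of it.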
