zlacker

[return to "Detecting the use of "curl | bash" server-side"]
1. dev_du+H9[view] [source] 2018-07-29 05:16:26
>>rubyn0+(OP)
The obsession against shell pipes is so absolutely absurd. You’d download a dmg and drag it to your apps but not shell pipe? You’ll sudo dpkg -i but not a shell pipe?

Can anyone point to a single case of a shell pipe ever being abused ever?

◧◩
2. blub+Ld[view] [source] 2018-07-29 06:52:20
>>dev_du+H9
Bash: execute an unsigned script to install an unsigned payload. Probably requires admin rights.

dmg: download an archive file which contains a signed payload which is copied to Apps. Admin rights are used for copying only.

The difference is blindingly obvious.

[go to top]