zlacker

1. window+(OP) 2018-07-29 04:14:19
>in a way that they don't stand a chance of detecting by inspection (or of having proof of after the fact)

What do you mean? They could `tee` curl output to a file (or elsewhere, for archives). They could also suspend passing the output to bash until they've verified the output (perhaps they would run a hash function and compare the result).

replies(1): >>Cyphas+i
2. Cyphas+i 2018-07-29 04:21:22
>>window+(OP)
Then that wouldn't be 'curl | bash'.
replies(1): >>window+K
3. window+K 2018-07-29 04:30:34
>>Cyphas+i
curl | ... bash
replies(1): >>schoen+F1
4. schoen+F1 2018-07-29 04:53:19
>>window+K
The point of the article is apparently that the server can distinguish "curl | ... | bash" from "curl | bash".
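
The hold-then-verify step suggested in the first comment, as an added example that is not part of the thread. `verified_run` and `sha256_file` are hypothetical helper names, the sample installer is constructed, and the expected digest is assumed to come from a channel other than the download itself.

```shell
# Print the SHA-256 of a file as lowercase hex (sha256sum, or shasum on macOS/BSD).
sha256_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Buffer a piped installer to disk, hash it, and run it only on a digest match.
# Usage: curl -fsSL "$URL" | verified_run "$EXPECTED_SHA256" [archive-path]
verified_run() {
    vr_expected=$(printf '%s' "$1" | tr 'A-F' 'a-f')   # accept upper-case hex
    vr_archive=${2:-$(mktemp)}

    # Read stdin to EOF before anything executes; the saved copy is the
    # after-the-fact record of exactly what the server sent.
    cat > "$vr_archive" || return 2

    vr_actual=$(sha256_file "$vr_archive")
    if [ "$vr_actual" != "$vr_expected" ]; then
        echo "verified_run: digest mismatch, not executing" >&2
        echo "  expected: $vr_expected" >&2
        echo "  actual:   $vr_actual" >&2
        echo "  saved to: $vr_archive" >&2
        return 1
    fi

    # Execute the bytes that were hashed, not a second download.
    bash "$vr_archive"
}

# Constructed demo: a one-line "installer" stands in for the curl output.
demo_script='echo installer-ran'
demo_copy=$(mktemp)
printf '%s\n' "$demo_script" > "$demo_copy"
demo_sha=$(sha256_file "$demo_copy")

printf '%s\n' "$demo_script" | verified_run "$demo_sha"
printf '%s\n' "$demo_script; echo tampered" | verified_run "$demo_sha" \
    || echo "tampered copy refused"
```

Because the filter reads to end of input before starting bash, no part of the script executes while the transfer is still in progress.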