A sneaky demonstration of the dangers of curl | bash - k3can blog
blog.k3can.us

I set up a quick demonstration to show risks of curl|bash and how a bad-actor could potentially hide a malicious script that appears safe.

It’s nothing new or groundbreaking, but I figure it never hurts to have another reminder.

  • deadbeef79000@lemmy.nzEnglish
    0·
    23 days ago

    Does curl send a different useragent when it’s piped?

    Searching for those words just vomits ‘hOW to SeT cUrL’s UseRaGenT’ blog spam.

    • Flipper@feddit.orgEnglish
      0·
      22 days ago

      Its timing based. When piped a script, bash executes each line completly before taking the next line from the input. Curl has a limited output buffer.

      1. Operation that takes a long time. Like a sleep, or if you want it less obvious. A download, an unzip operation, apt update, etc.
      2. Fill the buffer with more bash commands.
      3. Measure on the server if at some point curl stops downloading the script.
      4. Serve a malicious payload.