The one who never has copied a command from the web to paste it into your terminal, Cast the first stone. It is not something that only novice Linux users do, but in any system, and it is so common among developers themselves – even the most veteran ones – that Stack Overflow itself turned its keyboard to ‘copy and paste’ into a real gadget with enough demand.
Well, the cybersecurity specialist Gabriel Friedlander, just showed a “simple trick with which you can be hacked for a copy paste accidental“For Gabriel, the demo that he has posted on his website is more than reason enough why we should never copy commands from the web directly into our terminal.
When you think you are copying something but it is replaced by something else
Friedlander explains that all it takes is a simple line of code injected into the code you are copying to create a back door to your app. In fact, you can do the test directly on his blog by copying a common and common command that many of us have used in Linux: “sudo apt update”.
If you enter the blog in question and copy the code and paste it in the drawer below (or in any other place like your notepad), you can see how what you pasted is completely different from the copied command. In this case it is a malicious command, and the important detail here is that when pasting it a new line is added automatically.
This means that when you have pasted the command it will be too late, since adding a new line causes the terminal to automatically execute the command, so regardless of whether you have noticed that the command you pasted is not the correct one, you will no longer be able to do anything to prevent its execution.
These types of scripts obviously have legitimate uses, but this is an example of how they can be exploited for evil in a creative way, and perhaps it serves as a warning not to copy commands from any strange place on the Internet.
A recommendation from Gabriel to prevent this is that we can add a “#” after the code before pasting it to make it a comment and that it does not run. A recommendation from Gabriela is to paste the code before anywhere other than the terminal to verify that you are pasting the original content and no one is playing one on you.