Event JSON
{
"id": "da2719f46eb0ddf0611f02cc8c0bba24fdd03f7abfa72bbbe733614c85ad8e22",
"pubkey": "ea77f5584eeec06087f47a9fe82692723f1feb889eaf3e3b885997ec2e776aec",
"created_at": 1777578191,
"kind": 1,
"tags": [
[
"emoji",
"thaenkin",
"https://media.mstdn.social/custom_emojis/images/000/007/962/original/6cfc6e95cd2df5fb.png"
],
[
"proxy",
"https://mstdn.social/@rysiek/116495364355869668",
"web"
],
[
"t",
"copyfail"
],
[
"t",
"infosec"
],
[
"emoji",
"blobsweat",
"https://media.mstdn.social/custom_emojis/images/000/001/982/original/e9d98294f4fa432c.png"
],
[
"proxy",
"https://mstdn.social/users/rysiek/statuses/116495364355869668",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mstdn.social/users/rysiek/statuses/116495364355869668",
"pink.momostr"
],
[
"-"
]
],
"content": "A lot of people are apparently happily running a script clearly marked as a root exploit from some random website using curl | bash :blobsweat: \n\nSome do inspect the script, but then still run it using curl | bash anyway. :thaenkin: \n\nIncidentally, this very relevant blogpost about detecting curl | bash and serving different scripts based on that is almost exactly a decade old:\nhttps://web.archive.org/web/20230318063325/https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/\n\n#CopyFail #InfoSec",
"sig": "7a1149aafcc544f250a9e812792a591cc48e28e0c4bc9ff127435ab06c4a909cb057e214545cd9a3c77051e57aa93ca462529e0caa63987add385d8e274dfc65"
}
