Valentine greeting with bash script (terminal) (afshinm.github.com) 17 points by afshinmeh 13y ago ↗ HN
[–] lamby 13y ago ↗ > bash <(curl http...Stopped right there. [–] [deleted] 13y ago ↗ (comment deleted) [–] mapleoin 13y ago ↗ The point was that it's a really bad idea to encourage people to run random scripts downloaded from the internet. [–] afshinmeh 13y ago ↗ Sorry, deleted.
[–] [deleted] 13y ago ↗ (comment deleted) [–] mapleoin 13y ago ↗ The point was that it's a really bad idea to encourage people to run random scripts downloaded from the internet. [–] afshinmeh 13y ago ↗ Sorry, deleted.
[–] mapleoin 13y ago ↗ The point was that it's a really bad idea to encourage people to run random scripts downloaded from the internet. [–] afshinmeh 13y ago ↗ Sorry, deleted.
[–] willvarfar 13y ago ↗ asking you to download straight to bash? Crazy!!!That the 'exploit' is hosted on github, though, makes it interesting:You can't tell ahead of time what you'll be served, but you can tell what exploit you got served... [–] afshinmeh 13y ago ↗ Yeah I know what you say but that's why I made a github for that script. BTW, I think downloading bash script and run that is a little bit difficult!
[–] afshinmeh 13y ago ↗ Yeah I know what you say but that's why I made a github for that script. BTW, I think downloading bash script and run that is a little bit difficult!
[–] olgeni 13y ago ↗ It is always a good time to remember that bash might not always live in /bin/, but +1 for a bash script clearly marked as "bash". [–] lamby 13y ago ↗ Yes, even though it's trivial to make it POSIX-compatible:https://github.com/afshinm/valentine_script/pull/1 [–] afshinmeh 13y ago ↗ Merged.
[–] lamby 13y ago ↗ Yes, even though it's trivial to make it POSIX-compatible:https://github.com/afshinm/valentine_script/pull/1 [–] afshinmeh 13y ago ↗ Merged.
[–] phaemon 13y ago ↗ That script has:rm -rf ~on line 22.EDIT: Line was added by https://github.com/williame [–] [deleted] 13y ago ↗ (comment deleted) [–] lewispollard 13y ago ↗ I can't believe the guy merged that pull request. What was he thinking? [–] krthkv 13y ago ↗ he came back with another pull request to revert the change .. which the closed without merging .. https://github.com/afshinm/valentine_script/pull/3
[–] lewispollard 13y ago ↗ I can't believe the guy merged that pull request. What was he thinking? [–] krthkv 13y ago ↗ he came back with another pull request to revert the change .. which the closed without merging .. https://github.com/afshinm/valentine_script/pull/3
[–] krthkv 13y ago ↗ he came back with another pull request to revert the change .. which the closed without merging .. https://github.com/afshinm/valentine_script/pull/3
[–] bensummers 13y ago ↗ I now have something new to link to whenever someone posts something suggesting that a "pipe curl to shell" command isn't insane!http://williamedwardscoder.tumblr.com/post/42921614369/omg-r...
[–] kvprashant 13y ago ↗ williame gave a good lesson! Seriously, you just download a script randomly and execute it without first checking it. And I'd probably understand if it was a heroku script or something but a valentine script seriously?!
15 comments
[ 7.0 ms ] story [ 58.1 ms ] threadStopped right there.
That the 'exploit' is hosted on github, though, makes it interesting:
You can't tell ahead of time what you'll be served, but you can tell what exploit you got served...
https://github.com/afshinm/valentine_script/pull/1
rm -rf ~
on line 22.
EDIT: Line was added by https://github.com/williame
http://williamedwardscoder.tumblr.com/post/42921614369/omg-r...