Really nifty JavaScript hack for cut and paste:

[KGIII]

Copy-Paste Hack using JavaScript

An easy but powerful hack of the standard copy-paste behaviour of any browser

marco97pa.github.io

(You can paste it into your terminal, it's safe.)

Note: You must CUT AND PASTE it. Just highlighting it and inserting it with the mouse wheel button doesn't trigger it.

 

[JasKinasis]

I've seen that kind of thing done before. If I copy text, or links from an unfamiliar website - I always copy/paste into a text editor first, to make sure no sneaky scripts have altered the copy/paste buffer!

 

[KGIII]

I've seen that kind of thing done before.

I've seen similar exploits but not in a while. I guess it's a novel way of doing it - inserting it with JavaScript. I checked the source and it's not even a little bit difficult. LOL My Linux site gets a ton of traffic these days. I'm positive people copy/paste the commands. It's a good thing I'm not malicious.

Though, at the same time, it only takes one person to check and them to let others know.

 

[dos2unix]

Easy to find... but how many times do we copy and paste from our browsers without thinking about it every day?

 

[KGIII]

but how many times do we copy and paste from our browsers without thinking about it every day?

I actually don't do so all that often. I prefer to type the command in - unless it's long and I am lazy, or unless I'm inebriated. I try not to do anything in the terminal if I'm inebriated, but sometimes the Siren's Call is too strong. So, I could easily be nailed with something like this.

The good news is that it should only have user permissions. The bad news is that user permissions are enough to cause a headache.

 

[KGIII]

Nice, thanks for the hack! It will save me a lot of time because I used to have issues with copying texts from different sources. I don’t know how I haven’t figured it out myself.

Yeah, it's a horrible way to get screwed over. It'd be easy to replace the code with a fork bomb or, more ugly, a command that deletes a bunch of files belonging to the user who ran the command. Sure, we've got backups - but how immediate and it's a pain to restore them.

So, be careful what you cut and paste.

There was a thread recently where I explained why some cut/paste terminal commands run automatically (a horrible idea) and how to prevent that. Basically, watch for whitespace at the end of what you cut and paste. If there's an extra character, the terminal may interpret it as a new line and run the command immediately after pasted!