Displaying 1 result from an estimated 1 matches for "pwnedreadme".
2020 Oct 30
3
SSH client and bracketed paste mode
...e problematic text while seeing it, e.g.
by expanding an attacker-created file using tab expansion and
copy-pasting the file name then (or paste it while writing the
mail via ssh-connection) PLUS make use of the ssh-client induced
(maybe timing-related) transformation of the strings:
# touch $'PwnedReadme.txt\n\n~C\nhelp\n\n\n'
# ls Pw[tab]
... expands it
# stat 'PwnedReadme.txt
~C
help
'
Therefore the admin would be at fault copy-pasting such remote
content without review.
Other data-integrity issues would be pasting rare border cases like:
cat <<EOF > x.txt
hello
~C
help...