Showing content from https://github.com/jakshin/pw3nage below:

jakshin/pw3nage: If you get pw3ned, might want to fix your shell

This is a rather silly POC of a vulnerability in custom shell prompt scripts that I suspect is rather widespread. I noticed, when working on a branch that included (for the sake of cuteness) a $, that my prompt, which usually includes the branch name, had a bunch of gibberish. I suspected the zsh plugin I was using did not properly escape shell metacharacters, so I tried a few more things and landed on this.

How it works:

  1. This repo has an unusually-named default branch of $(./pw3n)
  2. The repo contains a script at the path referenced in the branch name
  3. When you cd to this repo, if your shell prompt tries to display your branch name and doesn't correctly escape $(..) expressions, it will execute ./pw3n
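
The mechanism in the steps above, shown with the unsafe prompt pattern beside a hardened one. This is an added example, not code from the pw3nage repo; the function names and the harmless `$(echo INJECTED)` branch name are constructed, and the expansion pass a shell applies to its prompt string (bash `promptvars`, zsh `PROMPT_SUBST`) is simulated with `eval` so the script runs in any POSIX shell.

```shell
#!/bin/sh
# Constructed sample: a branch name shaped like this repo's, with a harmless payload.
BRANCH='$(echo INJECTED)'

# Hypothetical stand-in for the extra expansion pass a shell applies to the
# prompt string each time it draws the prompt.
render_prompt() {
    eval "printf '%s' \"$1\""
}

# Vulnerable pattern: the branch text is pasted into the prompt string itself,
# so the expansion pass sees $( ... ) as code and runs it.
vulnerable_ps1() {
    printf '%s' "repo ($1) > "
}

# Hardened pattern: the prompt string only names a variable (the single quotes
# are deliberate). The expansion pass substitutes the value once and does not
# re-scan the substituted text.
safe_ps1() {
    printf '%s' 'repo (${BRANCH}) > '
}

# Check a prompt script can apply before displaying untrusted text:
# true if the name carries characters that trigger expansion.
needs_quoting() {
    case "$1" in
        *'$'*|*'`'*|*'\'*) return 0 ;;
        *) return 1 ;;
    esac
}

printf 'vulnerable: %s\n' "$(render_prompt "$(vulnerable_ps1 "$BRANCH")")"
printf 'hardened:   %s\n' "$(render_prompt "$(safe_ps1)")"
if needs_quoting "$BRANCH"; then
    printf 'branch name contains shell metacharacters\n'
fi
```

In the vulnerable rendering the branch name is replaced by the output of the command it contains; in the hardened rendering it is displayed literally.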

Fixes:

