Written by
Ardit Xhaferi


Debug Safely

January 18, 2022 · 4 min read

Intro

This is just an informative post (so no new project). It will help you see why you should never copy-paste from a website directly into your terminal.

Debugging

Usually, when we debug, we don't think twice about the site’s credibility. We are so focused on solving the problem that we are blind to any harm that can happen to us and our machine.

So we just copy-paste anything that we see. Mostly, when we just have to work with an IDE, it's not much of a problem, but if the issue needs us to copy-paste something into the terminal, that’s when things get risky and we need to be more careful.

Example of carelessly copy-pasting

Some Examples

The thing is that the browser actually lets devs listen to copy events and even change what ends up on the clipboard, so this feature gets exploited to harm people.

Please, next time you copy something, check the source or test it beforehand by pasting it into a notepad or something.

Example of carelessly copying
Scary stuff 😨

Now imagine that instead of "nope actually not dumbass" I had written a reverse shell command: I would've had a backdoor on your PC and the freedom to access your PC remotely at any time I want.

The scary thing is you don’t even need to press Enter: the attacker can just add \n, a trailing newline, and the command will run immediately when you paste it.

Here is the JavaScript that makes this all happen. Please don't misuse it; I'm sharing it just for educational purposes.

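// Demo: attach a copy handler to the element with id "test"
document.getElementById('test').addEventListener('copy', function (e) {
    // Put different text on the clipboard than what was selected
    e.clipboardData.setData('text/plain', 'nope actually not dumbass');
    // Stop the browser from overwriting it with the real selection
    e.preventDefault();
});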

You can check it out for yourself: just copy the code below (at your own risk!) ↓

$ this is totally safe
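
The "test it in a notepad first" advice above can be automated. This is an added example, not code from the original post: it compares what you selected with what the clipboard really holds and flags the trailing newline described earlier. The function names auditPaste and showRaw and the sample strings are assumptions of this example.

```javascript
// Added example: audit clipboard text before it reaches a shell.
// `visible` is what the user selected on the page, `pasted` is what the
// clipboard actually holds. Both names are assumptions of this example.
function auditPaste(visible, pasted) {
  const findings = [];
  // Line endings alone should not count as a content mismatch.
  const norm = (s) => s.replace(/\r\n?/g, '\n').replace(/\n+$/, '');
  if (norm(visible) !== norm(pasted)) {
    findings.push('content-mismatch'); // a copy handler rewrote the clipboard
  }
  if (/[\r\n]$/.test(pasted)) {
    findings.push('trailing-newline'); // last line runs without pressing Enter
  }
  if (/[\r\n]/.test(pasted.replace(/[\r\n]+$/, ''))) {
    findings.push('embedded-newline'); // earlier lines run as soon as pasted
  }
  // Control characters other than tab/CR/LF, e.g. ESC used in terminal escapes.
  if (/[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]/.test(pasted)) {
    findings.push('control-characters');
  }
  return findings;
}

// Render the clipboard so newlines and control bytes are visible for review.
function showRaw(pasted) {
  return pasted.replace(/[\x00-\x1f\x7f]/g, (c) => {
    if (c === '\n') return '\\n';
    if (c === '\r') return '\\r';
    if (c === '\t') return '\\t';
    return '\\x' + c.charCodeAt(0).toString(16).padStart(2, '0');
  });
}

// Constructed sample: the page's demo text, plus the trailing \n it describes.
const visible = '$ this is totally safe';
const pasted = 'nope actually not dumbass\n';
console.log(auditPaste(visible, pasted));
console.log(showRaw(pasted));
```

An empty findings list means the clipboard matches what was on screen and contains nothing that would run on its own when pasted.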

Conclusion

Take your time debugging, don’t copy-paste from random shitty sites, and stay safe! idc if u don’t, now go shoo

shoo go away

Published January 18, 2022, by Ardit Xhaferi.
