Tom Cope

A expansion on the original pastejacking attack using bash tricks

Javascript allows for the “copy and paste” command to be hijacked. This can allow a malicious website to trick a user into pasting “evil” commands into their command line. This is a expansion on the original attack by using Linux TTY tricks to hide the attack.

Check the source code for more info.

Demo below

Copy the code below and try it out on the command line!

echo hello world
Site Build Timestamp:
2025-05-16:23:09:15.099
|
Page last updated:
2025-05-16:23:09:15.099
Loading page hits...
🐾 Copyright (C) Tom Cope 2020 - 2025 | All Rights Reserved 🏳️‍🌈
GDPR Notice - This Website does not use cookies.