Pastejacking 2

A expansion on the original pastejacking attack using bash tricks

Javascript allows for the “copy and paste” command to be hijacked. This can allow a malicious website to trick a user into pasting “evil” commands into their command line. This is a expansion on the original attack by using Linux TTY tricks to hide the attack.

Check the source code of the page for the script.

Demo below

Copy the code below and try it out on the command line!

echo hello world