
Tricking users to run malicious code through the terminal

Visit the following website and try out the instructions.

http://thejh.net/misc/website-terminal-copy-paste

I was genuinely surprised and scared for a second. One can argue that this is not really a problem with terminals, but with HTML/CSS.

I don't usually copy and paste from the browser into the terminal. With longer commands I do, but only after checking the code for malicious content. After discovering this I am not sure if I can ever assume any code to be safe.

Thankfully, a user going by the username moonboots shared the following on Hacker News:

Bash and Zsh provide shortcuts to open a text editor where commands can be pasted and edited before running (Ctrl-x Ctrl-e in bash, need to enable in zsh).

Sample .zshrc to map edit-command-line to Ctrl-x e:

autoload edit-command-line
zle -N edit-command-line
bindkey '^Xe' edit-command-line

So please use the aforementioned solutions for your respective shells before copy-pasting something from the web, or manually open a text editor and paste into it first.

Also remember that it's always better to just type out the commands instead of copy-pasting, though for long pieces of text it can vary from being annoying to unfeasible.
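A check for the hidden-text trick described above, as an added example that is not from the original post: a POSIX shell function that takes the text you are about to paste, shows it with control characters made visible, and flags newlines or control characters. The function name inspect_paste and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). inspect_paste is a
# hypothetical helper name.
#
# Reads the text you intend to paste on stdin, prints it with control
# characters made visible, and returns 1 if it would do more than sit on
# the prompt waiting for you to press Enter.
inspect_paste() {
    buf=$(cat; printf x)   # the trailing x keeps final newlines intact
    buf=${buf%x}
    rc=0

    # Any newline makes the shell run a line the moment the text is pasted.
    newlines=$(printf '%s' "$buf" | wc -l | tr -d ' ')
    if [ "$newlines" -gt 0 ]; then
        echo "WARNING: $newlines newline(s), text would execute on paste" >&2
        rc=1
    fi

    # Other control bytes (CR, ESC, backspace, ...) can submit the line or
    # repaint the terminal so that what ran is no longer visible.
    ctrl=$(printf '%s' "$buf" | LC_ALL=C tr -d '\n\t' |
           LC_ALL=C tr -cd '\001-\037\177' | wc -c | tr -d ' ')
    if [ "$ctrl" -gt 0 ]; then
        echo "WARNING: $ctrl control character(s) present" >&2
        rc=1
    fi

    # sed's "l" command prints escapes such as \033 and ends each line with $.
    echo "--- text as the shell would receive it ---"
    printf '%s\n' "$buf" | sed -n l
    return "$rc"
}

# Constructed sample: a selection that looks like a single command on the
# page but carries extra text and a newline on the clipboard.
printf 'echo one; echo not-shown-on-page\necho two' | inspect_paste ||
    echo "Do not paste this directly; open it in an editor first."
```

Where xclip is installed, the clipboard can be piped through it with `xclip -o -selection clipboard | inspect_paste`.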

Exim and Windows Live Domains

Usually, sending mail using Exim from your domain without a smart host is not a problem. But recently, I faced a peculiar problem.

I wanted to send mail using Exim from a domain to an account on the same domain handled by Windows Live Domains.

Now, the MX records for the domain in question point to outlook.com's servers, and the account was only created on outlook.com. But, Exim was considering the account as local, and since there was no such local account, the message delivery was failing.

What I wanted to do was force a DNS lookup for this particular address by Exim.

I found possible solutions on the following links:

Note: The above solutions mention Google Apps, but work just as well for outlook.com (using Windows Live Domains).


nikola new_post -t Hello World

Hello World Internet (Well, the internet is a small subset of the world.)


If you are wondering about the title of this post, well, this is how I began writing my first post for this blog (which also happens to be my first blog post ever!).

So, you must be wondering what this blog is about?

In short, I will mainly cover things relating to Linux and Free Software on this blog. For more details, please refer to the About page.

And if you are wondering about Nikola, basically, Nikola is a framework that generates static websites and blogs. And yes, I am using it for this site. Take a look at its documentation page for a detailed explanation of its features.

Anyhow, I will keep this post short and come up with something *useful* later.