Skip to content

Instantly share code, notes, and snippets.

@kkirsche

kkirsche/cat-danger.py

Created January 8, 2020 21:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kkirsche/5f6d201c14160e8cc8106e035965d551 to your computer and use it in GitHub Desktop.
Save kkirsche/5f6d201c14160e8cc8106e035965d551 to your computer and use it in GitHub Desktop.
Download ZIP
The danger of just trusting the cat command
Raw
cat-danger.py
#!/usr/bin/env python3
hidden_cmd = "echo 'You forgot to check `cat -A`!' > oops"
visible_cmd = "echo 'Hello world!'"
if __name__ == "__main__":
with open("demo.sh", "w") as f:
txt = "#!/bin/sh\n"
txt += hidden_cmd + ";" + visible_cmd + " #\r" + visible_cmd + " " * (len(hidden_cmd) + 3) + "\n"
f.write(txt)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment