Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think this is a bit of a sensational take. The code being executed is all there without obfuscation.


Not at all. The code that you see is not guaranteed the code that curl will receive. And even if you check the curl output, if you run it a second time to pipe to sh it might receive something different.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: