Now if he try to use video name in command line, it will start to corrupt the current line and also history. What this emoji does is its glyph occupy 2 lines "virtually" and then causes next line still navigate on the same line and overwrite current line. To make it take effect immediately, so I suggest use up 100 max characters which has better chance to corrupt current line immediately. Nevertheless, it will still corrupt all history lines when add longer command OR navigate command history.
He need to use sed to replace those malicious characters:
Ensure prefix with space to prevent save current command line to history.
Also this is hard to insert a new emoji to reuse the command, so we use gedit to prepare the command first and then copy-paste into terminal to run.
For safety, you should backup history first, then diff it after done to ensure no mistake on those commands:
Not all terminals has this bug, but konsole terminal has this bug since it doesn't support emoji as well like other terminals.
No comments:
Post a Comment