it is detectable on server side, if you download the script or pipe it into a shell
Irrelevant. This is just an excuse people use to try and win the argument after it is pointed out to them that there’s actually no security issue with curl | bash.
It’s waaaay easier to hide malicious code in a binary than it is in a Bash script.
You can still see the “hidden” shell script that is served for Bash - just pipe it through tee and then into Bash.
Can anyone even find one single instance of that trick ever actually being used in the wild (not as a demo)?
Irrelevant. This is just an excuse people use to try and win the argument after it is pointed out to them that there’s actually no security issue with
curl | bash.It’s waaaay easier to hide malicious code in a binary than it is in a Bash script.
You can still see the “hidden” shell script that is served for Bash - just pipe it through
teeand then into Bash.Can anyone even find one single instance of that trick ever actually being used in the wild (not as a demo)?