"curl does not support an option called `-guid`, but if it did, somebody writing a shell script might use it wrong. Clearly this is a security bug in curl" ???

What the hell did I just read?

(h/t to @bagder for linking to curl's hackerone, for additional hilarious reading material)

https://hackerone.com/reports/3648199

curl disclosed on HackerOne: Internal application wrapper or script...

While -guid is not a standard or documented curl command, a Command Injection or Argument Injection vulnerability within a specific application that wraps curl. Security Analysis: curl -guid -url example.com 1. Status of the "-guid" Flag Undocumented/Non-existent: The official curl binary does not recognize a -guid flag. Standard versions will return an "unrecognized option" error. Custom...

@DHowett @bagder Yeah, the ‘This flag likely belongs to’ line makes this sound like an LLM. That phrase being used in inappropriate contexts (where ‘likely’ should have been double-checked and confirmed) is a red flag IMO.