S/party/hack like it's 1999

The ANSI driver that came with MS-DOS, ANSI.SYS, also allowed keys to be rebound to small macros.<p>So you could TYPE (cat) a file and then later press a harmless key like D and ANSI.SYS could output something like whatever the DOS equivalent of &quot;rm -fr &#x2F;&quot; was (probably DELTREE &#x2F;Y C:\) as though it had come from your very keyboard.<p>This was very common in the BBS era. Anti-virus software would usually detect those sequences. People who wanted to look at ANSI art but were aware of this would use alternative ANSI implementations like the one from PC Magazine, which I am a bit surprised to find out can still be downloaded from their website, which also still exists: <a href="http:&#x2F;&#x2F;www.pcmag.com&#x2F;article2&#x2F;0,2817,5343,00.asp" rel="nofollow">http:&#x2F;&#x2F;www.pcmag.com&#x2F;article2&#x2F;0,2817,5343,00.asp</a>

FTA:<p>&gt; Hint: &gt; &#x27;less&#x27; doesn&#x27;t interpret escape sequences unless the -r switch is used, &gt; so stop aliasing it to &#x27;less -r&#x27; just because there&#x27;s no colored output.<p>Instead you can just use `less -R` which allows colored output but doesn&#x27;t interpret any other escape sequences.

You can even put ANSI escape sequences <i>in file names,</i> since there is no notion of an encoding for file names in POSIX. They&#x27;re just strings of any byte except &#x2F; and NUL. Fortunately GNU ls won&#x27;t print most escape sequences verbatim to stdout, but other implementations and&#x2F;or programs might, and I have had some success creating a file name that GNU ls always prints in a fixed color (this was a while ago, don&#x27;t have it on hand).

&gt; <i>You might be thinking &quot;If I opened that in my browser, I would detect it being malicious!&quot; Well, think again... One can have all sorts of fun with user-agents, something that can easily come to mind is verifying if the user-agent is from curl or wget, and make them download the malicious file, if not, redirect them to a legitimate file that looks like the original output. Your browser would fool you then.</i><p>I can&#x27;t decide whether this is evil, genius or disturbing. I don&#x27;t typically copy paste curl commands, but it never occurred to me that even if you check the URL curl is pointing to with your browser that&#x27;s no guarantee that the same script will be downloaded and parsed in the server.

Title is wrong. Should be:<p><pre><code> s&#x2F;party&#x2F;hack&#x2F; like it&#x27;s 1999</code></pre>

Combine this with <a href="https:&#x2F;&#x2F;thejh.net&#x2F;misc&#x2F;website-terminal-copy-paste" rel="nofollow">https:&#x2F;&#x2F;thejh.net&#x2F;misc&#x2F;website-terminal-copy-paste</a> and you&#x27;ve got something especially nasty.

cat, diff, etc... doesn&#x27;t interpret escape sequences, your terminal does.

Early irc&#x27;ing involved simply typing:<p>NO CARRIER<p>or:<p>ATM0<p>... and watching 10-20-30 people suddenly disappear from the channel as their DOS based comm program passed them as commands directly to the modem.

<a href="http:&#x2F;&#x2F;curlpipesh.tumblr.com&#x2F;" rel="nofollow">http:&#x2F;&#x2F;curlpipesh.tumblr.com&#x2F;</a>

But it wouldn&#x27;t fool any text editor, right? Or even <i>less</i>?

Can escape sequences survive being piped through &quot;col -bx&quot;?