ktg-plugin-marketplace

History

Kjell Tore Guttormsen 336e4db1b8 feat(pre-bash-destructive): T8 — base64-pipe-shell idiom (E9) Adds BLOCK_RULE for the malware-loader pattern: echo\|cat\|printf <base64-blob> \| base64 -d \| <shell> This is a common RCE delivery shape that bypasses static name-matching gates by encoding the destructive command as a base64 blob. The new rule fires only when the final pipe target is a shell interpreter (bash, sh, zsh, dash, ksh) — base64 decoded into jq or any non-shell consumer remains allowed. 5 new tests in pre-bash-destructive.test.mjs: - 3 BLOCK cases (echo\|base64\|bash, printf\|base64\|sh, cat\|base64\|zsh) - 2 FP probes (base64 -d -> jq passes; base64 -d alone passes) Closes E9 in critical-review-2026-04-20.md.	2026-04-30 15:15:29 +02:00
..
scripts	feat(pre-bash-destructive): T8 — base64-pipe-shell idiom (E9)	2026-04-30 15:15:29 +02:00
hooks.json	feat(hooks): register PreCompact event in hooks.json	2026-04-17 14:45:13 +02:00

Kjell Tore Guttormsen 336e4db1b8 feat(pre-bash-destructive): T8 — base64-pipe-shell idiom (E9)

Adds BLOCK_RULE for the malware-loader pattern:
  echo|cat|printf <base64-blob> | base64 -d | <shell>

This is a common RCE delivery shape that bypasses static name-matching
gates by encoding the destructive command as a base64 blob. The new
rule fires only when the final pipe target is a shell interpreter
(bash, sh, zsh, dash, ksh) — base64 decoded into jq or any non-shell
consumer remains allowed.

5 new tests in pre-bash-destructive.test.mjs:
- 3 BLOCK cases (echo|base64|bash, printf|base64|sh, cat|base64|zsh)
- 2 FP probes (base64 -d -> jq passes; base64 -d alone passes)

Closes E9 in critical-review-2026-04-20.md.

2026-04-30 15:15:29 +02:00

scripts

feat(pre-bash-destructive): T8 — base64-pipe-shell idiom (E9)

2026-04-30 15:15:29 +02:00

hooks.json

feat(hooks): register PreCompact event in hooks.json

2026-04-17 14:45:13 +02:00