1996-07-04 - Re: CWD – Jacking in from the “Keys to the Kingdom” Port

Header Data

From: Mark Rogaski <wendigo@gti.net>
To: drosoff@arc.unm.edu (David Rosoff)
Message Hash: 7c43ca8ce3557bfd0a926e2e089ef411048a9cdfbda9a77e86631931a30396d8
Message ID: <199607032025.QAA25327@apollo.gti.net>
Reply To: <1.5.4.16.19960703170027.5fc7bc80@arc.unm.edu>
UTC Datetime: 1996-07-04 00:02:22 UTC
Raw Date: Thu, 4 Jul 1996 08:02:22 +0800

Raw message

From: Mark Rogaski <wendigo@gti.net>
Date: Thu, 4 Jul 1996 08:02:22 +0800
To: drosoff@arc.unm.edu (David Rosoff)
Subject: Re: CWD -- Jacking in from the "Keys to the Kingdom" Port
In-Reply-To: <1.5.4.16.19960703170027.5fc7bc80@arc.unm.edu>
Message-ID: <199607032025.QAA25327@apollo.gti.net>
MIME-Version: 1.0
Content-Type: text


-----BEGIN PGP SIGNED MESSAGE-----

An entity claiming to be David Rosoff wrote:
: 
: I've wondered .. could a creative child circumvent these filter programs
: using a URL-redirecter, like where you see something like
: http://www.one.site.com/cgi-bin/rd?http://www.porno-site.com/
: or are they not URL-based?

I would assume that the filters look for regexp's in the query string, too.
How about a nice little Nutscape plugin that uses a rot13'd query string?

http://www.one.site.com/cgi-bin/sneaky-rd?uggc://jjj.cbeab-fvgr.pbz/

Hmmm, no bad words in the query string.  Of course the filter package would
start looking for rot13'd stuff in the next release.  So the next logical
step is to use the URL encrypted with the redirector's public key ... or
better yet, a dynamically generated key.  Just convert it to radix64 so
as to avoid ?'s &'s or ='s, and use that as the query string.  

The plug-in would only be necessary to generate the first request.  Any
URL preparation could be handled by passing the output of netcat through
a stream filter before sending it to the client.

Now, if I can get the time, maybe I will write a nice little redirector
to do this.  (hehehehehehe ... right ... get the time ... good one)

mark

- -- 
    Mark Rogaski   | Why read when you can just sit and |      Member
  GTI System Admin |         stare at things?           | Programmers Local
  wendigo@gti.net  | Any expressed opinions are my own  |     # 0xfffe
 wendigo@pobox.com | unless they can get me in trouble. |     APL-CPIO


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMdrXDQ0HmAyu61cJAQEZXwP/bSI1tqQH/BCXXWPHhIp9Waq/A22ozyKf
W0iL3zveQWbmirXd5RYtxoo+v8jTFmv+SOIUKrI+n7WKTmFoj1TtzMf8zTYTz/KW
aZ2NK/PddgSqq4mjQEaxufMqvbG8lE/+Cu6GePo8UkFmkd7hSnNQA5sVv/kaTD47
5xVQCwkEwnc=
=traT
-----END PGP SIGNATURE-----





Thread