Re: CWD -- Jacking in from the "Keys to the Kingdom" Port
-----BEGIN PGP SIGNED MESSAGE----- At 02.09 PM 7/4/96 -0400, you wrote:
On Wed, 3 Jul 1996, Mark Rogaski wrote:
I would assume that the filters look for regexp's in the query string, too. How about a nice little Nutscape plugin that uses a rot13'd query string?
Do you have a copy of that plugin? If it exists.
http://www.one.site.com/cgi-bin/sneaky-rd?uggc://jjj.cbeab-fvgr.pbz/
Hmmm, no bad words in the query string. Of course the filter package would start looking for rot13'd stuff in the next release. So the next logical step is to use the URL encrypted with the redirector's public key ... or better yet, a dynamically generated key. Just convert it to radix64 so as to avoid ?'s &'s or ='s, and use that as the query string.
The plug-in would only be necessary to generate the first request. Any URL preparation could be handled by passing the output of netcat through a stream filter before sending it to the client.
That "creative child" would have to be pretty damn smart to do what you described.
It would actually take less creativity to do the other things, bypass the config.sys, etc. The child would thus be perhaps a little TOO creative. :) =============================================================================== David Rosoff (nihongo o sukoshi dekiru) ----------------> drosoff@arc.unm.edu For PGP key 0xD37692F9, finger drosoff@acoma.arc.unm.edu 0xD37692F9 Key fingerprint = 25 7D AA 01 85 41 43 89 50 5A 33 76 F1 F1 99 67 Do you know who's reading your email? ---> http://www.arc.unm.edu/~drosoff/pgp/ Anonymous ok, PGP ok. If it's not PGP-signed, you know that I didn't write it. === === === === === === === === === === === === === === === === === === === === "Truth is stranger than fiction, especially when truth is being defined by the O.J. Simpson Defense Team." -Dave Barry -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMdxKohguzHDTdpL5AQEFIwQAuK9Ca8ImcDka9mYWht35h8NMSr2A/tfB zvusZ8P5HIEYTbQ8GyRDQ3R+X58+k2pQmaCnO66EtI83mrVs+J9C8B7LoobroZpO u2R0SnMMJVU6eQAnkABkgYaMLVamqEMG+n6qmk7NePjsawSBvOdtuH9dmccR1/Pi +sGpQvT6RvI= =vTir -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- An entity claiming to be David Rosoff wrote: : : > That "creative child" would have to be pretty damn smart to do : >what you described. : : It would actually take less creativity to do the other things, bypass the : config.sys, etc. The child would thus be perhaps a little TOO creative. :) : 2 short replies in one post: A) Who said anything about a creative child? How about a creative c'punk? B) Forget the CONFIG.SYS ... what about kids using Macs or some future "Kid Safe" system that has the filters in an eeprom? I'm talking about bypassing the censorship on the client-server level. Relatively platform independent. - -- Mark Rogaski | Why read when you can just sit and | Member GTI System Admin | stare at things? | Programmers Local wendigo@gti.net | Any expressed opinions are my own | # 0xfffe wendigo@pobox.com | unless they can get me in trouble. | APL-CPIO -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMd04PA0HmAyu61cJAQHaPwP/VkH9kMZkZGXe5Njz9HRLzPep+EwRGSBf zfX5z8VPxMpDUdBWSKHyZgakckkWWg5e6zNUXtOI6diKtIuPXboVC8/5wY1PN5vX qyEGzN8L97MFOvkKNmQVmWTdfou7Tyd8sd5GfBpYt6WoIYmux2ovz+hRhW5Pg2g+ MhImPjT3k7Q= =EilI -----END PGP SIGNATURE-----
On Fri, 5 Jul 1996, Mark Rogaski wrote:
An entity claiming to be David Rosoff wrote: : : > That "creative child" would have to be pretty damn smart to do : >what you described. : : It would actually take less creativity to do the other things, bypass the : config.sys, etc. The child would thus be perhaps a little TOO creative. :) :
2 short replies in one post:
A) Who said anything about a creative child? How about a creative c'punk?
I'm not following you. I don't think many people on this list are faced with the problem of getting around software used to filter out pornography, drug info, and other evil things tearing at the moral fiber of today's youth. (Hint: I write this with tongue firmly in cheek.)
B) Forget the CONFIG.SYS ... what about kids using Macs or some future "Kid Safe" system that has the filters in an eeprom? I'm talking about bypassing the censorship on the client-server level. Relatively platform independent.
Using a hardware based filter is about as bad as using the IP security header fields for content descriptions. It's not at the level where filtering belongs. Filtering should be at the software level where it currently is. Since this can easily be broken, it might be better to have "Kid Safe" ISP's that would use a firewall to filter data. -- Mark =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= markm@voicenet.com | finger -l for PGP key 0xe3bf2169 http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348 "Freedom is the freedom to say that two plus two make four. If that is granted, all else follows." --George Orwell, _1984_
Mark Rogaski wrote:
B) Forget the CONFIG.SYS ... what about kids using Macs or some future "Kid Safe" system that has the filters in an eeprom? I'm talking about bypassing the censorship on the client-server level. Relatively platform independent.
Or, more likely, the filter being at the ISP end. If set up well it would only be possible to bypass with outside help. Gary -- pub 1024/C001D00D 1996/01/22 Gary Howland <gary@systemics.com> Key fingerprint = 0C FB 60 61 4D 3B 24 7D 1C 89 1D BE 1F EE 09 06
participants (4)
-
David Rosoff -
Gary Howland -
Mark M. -
Mark Rogaski