[ot][spam][crazy][puzzle?][spam][crazy]
1 + 1 = 0 find a solution i.e. an arithmetic system where it is true ummmmmmmmmmmmmmmmmmmmmmmmmmmmmm
one of the curiosities is whether the server's certificate verification in [akash] is as broken as the client's
dunno! there's a file adjacent to client.go called router.go that looks like it might do most of the http server setup work
On 7/20/23, Undescribed Horrific Abuse, One Victim & Survivor of Many <gmkarl@gmail.com> wrote:
one of the curiosities is whether the server's certificate verification in [akash] is as broken as the client's
dunno! there's a file adjacent to client.go called router.go that looks like it might do most of the http server setup work
I found some server cert code at https://github.com/akash-network/provider/blob/44c85af39a56a43830efbdcbe7a2f... . The function starts like this:
    if r.TLS == nil || len(r.TLS.PeerCertificates) == 0 {
        http.Error(w, "", http.StatusUnauthorized)
        return
    }

    // at this point client certificate has been validated
    // so only thing left to do is get account id stored in the CommonName
    owner, err := sdk.AccAddressFromBech32(r.TLS.PeerCertificates[0].Subject.CommonName)
    if err != nil {
        http.Error(w, err.Error(), http.StatusUnauthorized)
        return
    }
It's strange it says "at this point client certificate has been validated" without doing anything to the client certificate. [desktop interruption, mysterious]
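In Go's net/http, client-certificate verification happens during the TLS handshake according to the server's tls.Config (ClientAuth, ClientCAs, VerifyPeerCertificate), before any handler runs, so the comment in the quoted handler is only as true as that configuration. The following is an added example, not part of the original post and not Akash code: it runs a local test server with a handler that starts the same way and shows what the handler sees under two ClientAuth modes. The CommonName "placeholder-account", the response format and the function name Probe are assumptions made for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net/http"
	"net/http/httptest"
	"time"
)

// Probe runs a local test server whose handler begins like the quoted one and connects with a
// self-signed client certificate. It returns "<status> <body>", or "rejected" if the request fails.
func Probe(mode tls.ClientAuthType) string {
	srv := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.TLS == nil || len(r.TLS.PeerCertificates) == 0 {
			http.Error(w, "", http.StatusUnauthorized)
			return
		}
		// PeerCertificates is filled in either way; only VerifiedChains shows a chain to a trusted CA.
		fmt.Fprintf(w, "cn=%s chains=%d", r.TLS.PeerCertificates[0].Subject.CommonName, len(r.TLS.VerifiedChains))
	}))
	srv.TLS = &tls.Config{ClientAuth: mode, ClientCAs: x509.NewCertPool()} // empty pool: no trusted client CA
	srv.StartTLS()
	defer srv.Close()
	// Constructed test data: a throwaway self-signed certificate with a placeholder CommonName.
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "placeholder-account"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key)
	c := srv.Client()
	c.Transport.(*http.Transport).TLSClientConfig.Certificates = []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}
	resp, err := c.Get(srv.URL)
	if err != nil {
		return "rejected"
	}
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	return fmt.Sprintf("%d %s", resp.StatusCode, body)
}

func main() {
	fmt.Println(Probe(tls.RequireAnyClientCert), "|", Probe(tls.RequireAndVerifyClientCert))
}
```

When auditing a server built this way, the place to look for the validation the comment refers to is wherever its tls.Config is constructed, and a handler can check len(r.TLS.VerifiedChains) > 0 if it should not rely on that configuration alone.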
------------
how to take the square root of 4 if you don't know that it's 2
uhhhhhhhhhhhhhhhhhhh
let's say we don't know what any multiples are. 2x2 = ? dunno
what is square root of [a number]? square root of [a number] is the number that, when multiplied by itself, makes [a number]. what is multiplied by itself? multiplication is adding to itself a number of times. so multiplying by itself, means starting at 0, and adding the number repeatedly, counting each time, stopping when you have done it its own number of times. it's kind of called square cause if you pile a row of objects for each number you add, you get a square pile of objects
let's try guessing with division
-----------
how to figure out whether akash providers are vulnerable to very simple falsified certificates, providing for logging in as this might be the client code for logging in with a shell: https://github.com/akash-network/provider/blob/44c85af39a56a43830efbdcbe7a2f...
the question is, do the servers let anyone log in with a shell by failing to authenticate certificates?
_ideally_ we would figure out how to check this by inspection first, and then could verify it using test code after the inspection.
so far, i haven't found by inspection where the certificate is validated.
the path for the request used there is at https://github.com/akash-network/provider/blob/main/gateway/rest/path.go#L41... ("{leasePath(lID)}/shell")
i'm looking at the router code a little
it looks like viewing the logs might be simpler than a shell
i noticed the manifest is passed to the shell, but not to the logs, and the manifest can be passed around via a 1-way hash or a full document, so it's a further unknown
*clearly* the thing to do here is to fork akash entirely and start "akash knockoff -- we're like akash but it's less easy to hack us"
if you can get akash knockoff token into a cosmos exchange the price can probably be made to quickly skyrocket
[if it's possible to compromise all the clients, you could find some way to make it harder to do so and resell them on akash knockoff ...
the biggest impediment to developing a chain fork here is my lack of easy-to-engage disk space. it might be simpler to run the chain on akash providers ...
i'm thinking the way to test it would be to run a provider and try to engage your own provider
then it is easy to add logging to the provider to figure out where and how the certificates are supposed to be verified
i'm imagining this, and thinking what i might expect at this point would be possibly for it to be exploitable locally, but for remote people to be running patched servers that aren't exploitable
this would be a weird scenario
i'm thinking it makes more sense for it to not be exploitable
maybe an easier way to try it would be using provider access one had already paid for. reduces the tension, although not as much information on what goes on. i guess i'd like to return to simply using and working on my code
-----------------------------------
ops = [
    lambda x: x + 1,
    lambda x: x * 2,
    lambda x: x - 1,
]
# op class. instances include minus and plus.
# each one links to the other.
# then ... we apply ops to expressions, trying to isolate something to solve for
# op class. instances include minus and plus.
# each one links to the other.
# expression class. i suppose an op is an expression [making graph-tree]
# can i suppose make equals be an op too, maybe give it solve member, who knows
# then ... we apply ops to expressions, trying to isolate something to solve for
# so big challenge is solve function, which isn't that complicated given there's only minus, plus, and equals!
# we'll need constant and variable nodes too
# - minus
# - plus
# - equal
# - constant
# - variable
# solve function
# maybe we can do the core behavior of looking up the inverse of an op and applying it to both sides of an equation
# wonder stuff
class Expr:
    def __init__(self, name, call, inverse = None):
        self.name = name
        self.call = call
        if inverse is not None:
            # link the two ops to each other as inverses
            self.inverse = inverse
            inverse.inverse = self
        # note there can be more than one inverse; is more general
        # to think of inputs and outputs together and describe how they swizzle
plus = Expr('+', lambda x, y: x + y)
minus = Expr('-', lambda x, y: x - y, plus)
class Const(Expr):
    pass  # no body was written for this class
class Relation(Expr):
    def solve(self, for_var):
        # okay, I conflated classes with objects. an expression _type_ is different from an expression _instance_ .
        # also, for conciseness, consts and variables could be integers and strings
        pass  # no body was written for this method
participants (1)
-
Undescribed Horrific Abuse, One Victim & Survivor of Many