[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CWD -- Jacking in from the "Keys to the Kingdom" Port



On Wed, 3 Jul 1996, Mark Rogaski wrote:

> I would assume that the filters look for regexp's in the query string, too.
> How about a nice little Nutscape plugin that uses a rot13'd query string?

	Do you have a copy of that plugin? If it exists.

> http://www.one.site.com/cgi-bin/sneaky-rd?uggc://jjj.cbeab-fvgr.pbz/
> 
> Hmmm, no bad words in the query string.  Of course the filter package would
> start looking for rot13'd stuff in the next release.  So the next logical
> step is to use the URL encrypted with the redirector's public key ... or
> better yet, a dynamically generated key.  Just convert it to radix64 so
> as to avoid ?'s &'s or ='s, and use that as the query string.  
> 
> The plug-in would only be necessary to generate the first request.  Any
> URL preparation could be handled by passing the output of netcat through
> a stream filter before sending it to the client.

	That "creative child" would have to be pretty damn smart to do
what you described.

Ryan A. Rowe - Montreal, Quebec        /Seeking Internet-related job!/ 
aka CyberEyes, Rubik'S Cube              I will relocate _ANYWHERE_.

Tel. -> +1-514-626-0328                |                 __o         o
E-Mail -> [email protected]              |               _ \<_        <\
WWW -> http://www.cam.org/~cyberia     | __/\o_       (_)/(_)       />
IRC -> #CAli4NiA, #Triathlon, #Surfing |
FTP -> ftp.cam.org /users/cyberia      |  swim          bike       run

          Read my C.V. at http://www.cam.org/~cyberia/resume-e.html 
           "In lieu of experience, I have a willingness to learn."

             "Everyone has their day, mine is July 15th, 1998."