[Emerging-Sigs] Discussion + Proposed Signature; Submit to TDWTF

evilghost@packetmail.net evilghost at packetmail.net
Wed Oct 27 20:22:49 EDT 2010



I like the DailyWTF greatly, but there's a potential for code leakage here
and/or policy violation.  I'm opening up for discussion a better signature than
what's currently proposed; I don't use Visual Studio (egcs/gcc please).

http://thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx
http://code.google.com/p/submittotdwtf/source/browse/trunk/
http://thedailywtf.com/SubmitWTF.asmx?WSDL

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET POLICY SubmitToTDWTF.asmx DailyWTF Potential Source Code Leakage"; flow:established,to_server; content:"/SubmitWTF.asmx"; http_uri; content:"codeSubmission"; classtype:policy-violation; reference:url,thedailywtf.com/Articles/Submit-WTF-Code-Directly-From-Your-IDE.aspx; reference:url,code.google.com/p/submittotdwtf/source/browse/trunk/; sid:2010xxx; rev:1;)

Someone help me out on the packet captures/SOAP.

Alex -- I love the site and read it daily, be kind, you know we have to wear a
security hat too.

-evilghost
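Added example (not part of the original post, and not Snort or Emerging Threats code): a small Python harness that approximates the two content matches of the proposed rule, so it can be checked against sample requests before a packet capture is available. The SOAP body layout, the headers and the helper names are assumptions constructed for the test; http_uri normalisation is reduced to percent-decoding.

```python
from urllib.parse import unquote_to_bytes

URI_CONTENT = b"/SubmitWTF.asmx"   # content:"/SubmitWTF.asmx"; http_uri;
RAW_CONTENT = b"codeSubmission"    # content:"codeSubmission"; (no buffer modifier)

def rule_matches(request: bytes) -> bool:
    """Approximate the proposed rule on one client-to-server HTTP request."""
    request_line = request.split(b"\r\n", 1)[0]
    parts = request_line.split(b" ")
    if len(parts) != 3:
        return False
    # Stand-in for http_uri normalisation: percent-decoding only (assumption).
    uri = unquote_to_bytes(parts[1])
    # Both contents are case-sensitive because the rule sets no nocase.
    return URI_CONTENT in uri and RAW_CONTENT in request

def post(uri: bytes, body: bytes) -> bytes:
    """Build a constructed HTTP POST; the headers are illustrative only."""
    return (b"POST " + uri + b" HTTP/1.1\r\n"
            b"Host: thedailywtf.com\r\n"
            b"Content-Type: text/xml; charset=utf-8\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n\r\n" + body)

# Constructed SOAP body; the element layout is assumed, not taken from the WSDL.
SOAP = (b"<soap:Envelope><soap:Body><Submit>"
        b"<codeSubmission>int main(){}</codeSubmission>"
        b"</Submit></soap:Body></soap:Envelope>")

SAMPLES = {
    "soap_submit": post(b"/SubmitWTF.asmx", SOAP),
    "encoded_uri": post(b"/SubmitWTF%2Easmx", SOAP),
    "lowercase_uri": post(b"/submitwtf.asmx", SOAP),
    "wsdl_fetch": b"GET /SubmitWTF.asmx?WSDL HTTP/1.1\r\nHost: thedailywtf.com\r\n\r\n",
    "other_endpoint": post(b"/upload.asmx", SOAP),
}

def evaluate() -> dict:
    """Return {sample name: True if the approximated rule would alert}."""
    return {name: rule_matches(req) for name, req in SAMPLES.items()}

if __name__ == "__main__":
    for name, hit in evaluate().items():
        print(f"{name:15} {'ALERT' if hit else 'no alert'}")
```

The lowercase_uri sample does not alert because content matches are case-sensitive unless nocase is set; whether the rule needs nocase depends on whether the server accepts such paths.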

