Re: [JDEV] DoS on server component
no, it is sent by a sleepy developer =) -- actually, a client. I will dig out the packets this weekend and do a more thorough analysis of what's going on as requested by DJ.. -Federico - Original Message - From: "Thomas Muldowney" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, May 17, 2002 14:55 Subject: Re: [JDEV] DoS on server component > Is this sent from the component? Components are fully trusted and must > ensure they use a correct from, or else this could happen. > > --temas > > > > DJ Adams wrote: > > >On Wed, May 15, 2002 at 06:16:45PM -0400, Federico Lucifredi wrote: > > > > > >>Hello All, > >>While I was typing one of countless telnet probes on a server component > >>I am trying to develop, I casually managed to DOS my own server... in a > >>quite unexpected way. > >> > >> > > > >... > > > > > > > >>My code is modeled after DJ Adams example of an RSS news agent, and for > >>the purpose of this discussion, I'll use his: > >> > >> > > > >Uh-oh ;-) > > > > > > > >>Now, in my sleepyness, I did put in the query > >> > >> >>to='rss.jabber.endorfine.org' > >>from='[EMAIL PROTECTED]' > >>type='get'> > >> > >> > >> > >>Apparently the unnecessay from attribute confuses the toFrom() function, and > >>the result is that the message keeps being fed to the component by the > >>server - > >> > >> > > > >Hmm, this seems a little odd, especially when one considers that the JSM will > >whack on the 'correct' from attribute before it reaches the component. Do you > >have any log of the packets as the loop starts? > > > >cheers > >dj > >___ > >jdev mailing list > >[EMAIL PROTECTED] > >http://mailman.jabber.org/listinfo/jdev > > > > > > > > ___ > jdev mailing list > [EMAIL PROTECTED] > http://mailman.jabber.org/listinfo/jdev > ___ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
Re: [JDEV] DoS on server component
Is this sent from the component? Components are fully trusted and must ensure they use a correct from, or else this could happen. --temas DJ Adams wrote: >On Wed, May 15, 2002 at 06:16:45PM -0400, Federico Lucifredi wrote: > > >>Hello All, >>While I was typing one of countless telnet probes on a server component >>I am trying to develop, I casually managed to DOS my own server... in a >>quite unexpected way. >> >> > >... > > > >>My code is modeled after DJ Adams example of an RSS news agent, and for >>the purpose of this discussion, I'll use his: >> >> > >Uh-oh ;-) > > > >>Now, in my sleepyness, I did put in the query >> >>>to='rss.jabber.endorfine.org' >>from='[EMAIL PROTECTED]' >>type='get'> >> >> >> >>Apparently the unnecessay from attribute confuses the toFrom() function, and >>the result is that the message keeps being fed to the component by the >>server - >> >> > >Hmm, this seems a little odd, especially when one considers that the JSM will >whack on the 'correct' from attribute before it reaches the component. Do you >have any log of the packets as the loop starts? > >cheers >dj >___ >jdev mailing list >[EMAIL PROTECTED] >http://mailman.jabber.org/listinfo/jdev > > ___ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
Re: [JDEV] DoS on server component
On Wed, May 15, 2002 at 06:16:45PM -0400, Federico Lucifredi wrote: > Hello All, > While I was typing one of countless telnet probes on a server component > I am trying to develop, I casually managed to DOS my own server... in a > quite unexpected way. ... > My code is modeled after DJ Adams example of an RSS news agent, and for > the purpose of this discussion, I'll use his: Uh-oh ;-) > Now, in my sleepyness, I did put in the query > > to='rss.jabber.endorfine.org' > from='[EMAIL PROTECTED]' > type='get'> > > > > Apparently the unnecessay from attribute confuses the toFrom() function, and > the result is that the message keeps being fed to the component by the > server - Hmm, this seems a little odd, especially when one considers that the JSM will whack on the 'correct' from attribute before it reaches the component. Do you have any log of the packets as the loop starts? cheers dj ___ jdev mailing list [EMAIL PROTECTED] http://mailman.jabber.org/listinfo/jdev
[JDEV] DoS on server component
Hello All,
While I was typing one of countless telnet probes on a server component
I am trying to develop, I casually managed to DOS my own server... in a
quite unexpected way.
Note that this is quite a minor issue to patch ... but it is unexpected,
at least to me
My code is modeled after DJ Adams example of an RSS news agent, and for
the purpose of this discussion, I'll use his:
http://mailman.jabber.org/pipermail/jadmin/2002-March/004458.html
lets take the jabber:iq:browse handler as an example
sub iq_browse {
my $node = shift;
debug("[iq_browse]");
return unless my $query = $node->getTag('', NS_BROWSE)
and $node->attr('type', IQ_GET);
debug("--> browse request");
$node = toFrom($node);
$node->attr('type', IQ_RESULT);
# my $rss = $query->insertTag('service');
# $rss->attr('type', 'rss');
# $rss->attr('jid', $ID);
# $rss->attr('name', $NAME);
# $rss->insertTag('ns')->data(NS_REGISTER);
$c->send($node);
return r_HANDLED;
}
(I commented out the code proper, so all that this handler does is redirect
the message back to the user and set the IQ-TYPE attribute to result.)
Now, in my sleepyness, I did put in the query
Apparently the unnecessay from attribute confuses the toFrom() function, and
the result is that the message keeps being fed to the component by the
server -
I understand that the from attribute should not be there, but I do not
understand why toFrom() should be messing up this way
sub toFrom {
my $node = shift;
my $to = $node->attr('to');
$node->attr('to', $node->attr('from'));
$node->attr('from', $to);
return $node;
}
it seems to me like it should be swapping things properly. what
originates the loop ? Am I still asleep ?!
-Federico
_
-- "'Problem' is a bleak word for challenge" - Richard Fish
Muad'Dib of Caladan (Federico L. Lucifredi)- [EMAIL PROTECTED],
http://www.lucifredi.com
___
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev
