oncall-pokemon has quit [Quit: Connection closed for inactivity]
queip has quit [Ping timeout: 272 seconds]
amateur_rubyist has quit [Remote host closed the connection]
tpanarch1st has quit [Ping timeout: 272 seconds]
queip has joined #ruby
gix has quit [Ping timeout: 245 seconds]
amateur_rubyist has joined #ruby
LtHummus has quit [Ping timeout: 272 seconds]
amateur_rubyist has quit [Ping timeout: 246 seconds]
wymillerlinux has joined #ruby
<adam12>
openstruct: Where do you see that they used a signed key?
<openstruct>
adam12: I don't know much about OpenSSL and think I misspoke. After digging deeper, it looks like that's just their session token and they're checking to make sure code only executes when it comes from their request?
<adam12>
openstruct: Oh. You're talking about the actual exploit, and not the way they pushed an insecure gem?
<openstruct>
adam12: Yeah, I was just trying to break down their pastebin code for my own learning.
<adam12>
openstruct: Likely just an easy way to keep the hacked services to themselves. It's not uncommon for a hacker to shore up a machine after they've compromised it, to keep other hackers off it.
hutch has joined #ruby
<openstruct>
adam12: Is it normal for an end-user to be able to modify their tokens without the server freaking out? I thought tokens are signed with a private key to avoid that sort of tampering?
<adam12>
openstruct: Most good frameworks will sign and/or encrypt their session cookies
leitz has quit [Quit: Leaving]
<openstruct>
adam12: Hmm perhaps they targeted Rack::SendFile because the server in question didn't authenticate that one or protect against forgery.
<adam12>
openstruct: In this case, I think it uses '__session', which might not be exact to the one that's being used by Rails (I don't use Rails so I'm not sure), but not too off the path of cookie names to look suspicious.
sgen has joined #ruby
<openstruct>
adam12: Oh, yeah, that's a valid point.
<adam12>
openstruct: Rack::SendFile is likely further up the middleware stack. You want files to be sent fast, and traversing ActionDispatch is not fast.
catbusters has quit [Quit: Connection closed for inactivity]
<openstruct>
adam12: Surprised they went for SendFile, that seems like a very specific endpoint? Perhaps it was done to avoid the large request size from raising suspicion? Or I may be misunderstanding SendFile.
<adam12>
openstruct: It's probably just guaranteed to exist. I haven't looked, but I'd almost presume it's a pass-through unless it sees the X-Sendfile header.
<openstruct>
adam12: good point -- thanks for breaking that down. It was fun to dissect that code.
chalkmonster has joined #ruby
<adam12>
openstruct: Yeah it's interesting code. Actually looks incredibly similar to the strong_password exploit I feel.
hutch has quit [Ping timeout: 246 seconds]
ur5us has quit [Remote host closed the connection]
<adam12>
(going by memory)
ur5us has joined #ruby
<openstruct>
Oh yeah, it does look very similar
hutch has joined #ruby
fphilipe has joined #ruby
ur5us has quit [Ping timeout: 264 seconds]
fphilipe has quit [Ping timeout: 250 seconds]
ElFerna has joined #ruby
SeepingN has quit [Remote host closed the connection]
baojg has joined #ruby
ur5us has joined #ruby
sgen has quit [Ping timeout: 244 seconds]
AJA4350 has quit [Quit: AJA4350]
lucasb has quit [Quit: Connection closed for inactivity]
bambanx_ has joined #ruby
bambanx has quit [Ping timeout: 246 seconds]
fp- has joined #ruby
SuperLag has quit [Remote host closed the connection]
xfbs has quit [Read error: Connection reset by peer]
luminousnine has quit [Remote host closed the connection]
luminousnine has joined #ruby
luminousnine has joined #ruby
luminousnine has quit [Changing host]
deepreds1 has joined #ruby
xfbs has joined #ruby
<leftylink>
&>> :works
<rubydoc>
stderr: /home/carcin/carcin/sandboxes/ruby/sandboxed_ruby2.6.0: error while loading shared libraries:... check link for more (https://carc.in/#/r/7fna)
deepredsky has quit [Ping timeout: 245 seconds]
phaul has quit [Quit: :wq]
rushsteve1 has joined #ruby
brool has joined #ruby
dinfuehr has quit [Ping timeout: 258 seconds]
Swyper has quit [Remote host closed the connection]
troulouliou_div2 has joined #ruby
dinfuehr has joined #ruby
ravenous_ has joined #ruby
Swyper has joined #ruby
ravenous_ has quit [Ping timeout: 276 seconds]
Bounga has joined #ruby
sgen has quit [Ping timeout: 248 seconds]
ur5us has joined #ruby
gix has quit [Ping timeout: 272 seconds]
Swyper has quit [Remote host closed the connection]
Bounga has quit [Ping timeout: 264 seconds]
yann-kaelig has quit [Quit: yann-kaelig]
yasumi2136__ has quit [Remote host closed the connection]
gix has joined #ruby
sgen has joined #ruby
Swyper has joined #ruby
grilix has quit [Ping timeout: 246 seconds]
AJA4350 has quit [Remote host closed the connection]
Skaterhaym has joined #ruby
AJA4350 has joined #ruby
bitwinery has quit [Ping timeout: 248 seconds]
leitz has quit [Quit: Leaving]
KeyJoo has quit [Quit: KeyJoo]
Skaterhaym has quit [Read error: Connection reset by peer]
dinfuehr has quit [Ping timeout: 248 seconds]
bmurt has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
dinfuehr has joined #ruby
queip has quit [Ping timeout: 276 seconds]
schneider has quit [Ping timeout: 276 seconds]
AJA4350 has quit [Remote host closed the connection]
AJA4350 has joined #ruby
Technodrome has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
AJA4350 has quit [Client Quit]
queip has joined #ruby
AJA4350 has joined #ruby
dionysus69 has quit [Ping timeout: 245 seconds]
Technodrome has joined #ruby
SeepingN has joined #ruby
Swyper has quit [Remote host closed the connection]
fphilipe_ has joined #ruby
Swyper has joined #ruby
Technodrome has quit [Remote host closed the connection]
Swyper has quit [Remote host closed the connection]
ellcs1 has quit [Ping timeout: 250 seconds]
Swyper has joined #ruby
Swyper has quit [Remote host closed the connection]
ellcs1 has joined #ruby
Swyper has joined #ruby
oetjenj has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
tdy has quit [Ping timeout: 244 seconds]
oetjenj has joined #ruby
oetjenj has quit [Client Quit]
Swyper has quit [Remote host closed the connection]
oetjenj has joined #ruby
oetjenj has quit [Client Quit]
oetjenj has joined #ruby
oetjenj has quit [Client Quit]
Swyper has joined #ruby
Swyper has quit [Remote host closed the connection]
snickers has joined #ruby
Bounga has joined #ruby
reber has joined #ruby
troulouliou_div2 has quit [Read error: Connection reset by peer]
Bounga has quit [Ping timeout: 252 seconds]
Bounga` has joined #ruby
Swyper has joined #ruby
ravenous_ has joined #ruby
Swyper has quit [Remote host closed the connection]
troulouliou_div2 has joined #ruby
Bounga` has quit [Remote host closed the connection]
Bounga` has joined #ruby
ravenous_ has quit [Ping timeout: 276 seconds]
code_zombie has quit [Quit: Leaving]
wymillerlinux has quit [Remote host closed the connection]
reber has quit [Remote host closed the connection]
amateur_rubyist has joined #ruby
troulouliou_div2 has quit [Read error: Connection reset by peer]
Swyper has joined #ruby
queip has quit [Ping timeout: 272 seconds]
Swyper has quit [Remote host closed the connection]
queip has joined #ruby
poontangmessiah has joined #ruby
Swyper has joined #ruby
queip has quit [Ping timeout: 258 seconds]
grilix has joined #ruby
x86sk has quit [Quit: Connection closed for inactivity]
x86sk has joined #ruby
drnerdius has quit [Quit: Konversation terminated!]
akem-hp has quit [Remote host closed the connection]
akem-hp has joined #ruby
Swyper has quit [Remote host closed the connection]
queip has joined #ruby
sameerynho has quit [Ping timeout: 245 seconds]
sgen has quit [Ping timeout: 276 seconds]
dinfuehr_ has joined #ruby
dinfuehr has quit [Ping timeout: 272 seconds]
Bounga` has quit [Ping timeout: 252 seconds]
davor has quit [Ping timeout: 268 seconds]
davor has joined #ruby
Tuor has quit [Read error: Connection reset by peer]
Tuor has joined #ruby
sylario has quit [Quit: Connection closed for inactivity]
Swyper has joined #ruby
Swyper has quit [Remote host closed the connection]
greengriminal has quit [Quit: This computer has gone to sleep]
SeepingN has quit [Read error: Connection reset by peer]
SeepingN has joined #ruby
ravenous_ has joined #ruby
gix has quit [Ping timeout: 244 seconds]
stan_ has joined #ruby
tdy has joined #ruby
stan has quit [Ping timeout: 248 seconds]
Swyper has joined #ruby
ravenous_ has quit [Ping timeout: 276 seconds]
wildtrees has quit [Quit: Leaving]
queip has quit [Ping timeout: 276 seconds]
ElFerna has joined #ruby
snickers has quit [Ping timeout: 258 seconds]
ElFerna has quit [Quit: ElFerna]
Fr4n has joined #ruby
Swyper has quit [Remote host closed the connection]