lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20100528161055.GJ28897@securityfocus.com>
Date: Fri, 28 May 2010 10:10:55 -0600
From: dm@...urityfocus.com
To: Nate Eldredge <nate@...tsmathematics.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: Administrivia: Real domain names in PoC/exploit examples


On Fri, May 28, 2010 at 08:38:57AM -0700, Nate Eldredge wrote:
> On Fri, 28 May 2010, dm@...urityfocus.com wrote:
> 
> >And this is the sort of thing that would be appropriate:
> >- www.example.com (this is really the best way to go)
> 
> Except that www.example.com, while reserved according to RFC 2606, 
> actually resolves to a host with a web server (running, interestingly, 
> Apache 2.2.3 from circa 2006), which gives you a page telling you about 
> RFC 2606.  It appears to be run by the IANA.  So it might be polite not to 
> use this, so as not to attack the IANA by mistake.
> 
> Better would be the reserved TLDs from RFC 2606, which AFAIK should never 
> resolve at all: *.test, *.example, and *.invalid.  Unfortunately, 
> "www.foo.example" is less obviously a host name compared to 
> "www.example.com".
> 
> >- Some other place-holder that is not a valid domain such as <victim>,
> >etc.
> 
> That works too.
> 
> -- 

Okay, agreed. Let us not abuse IANA's poor little Apache 2.2.3
server. 

So, to sum up, these guys are good for exploit/PoC examples:

1. Place-holder such as <victim>.
2. Reserved TLDs from RFC 2606 such as *.test, *.example, and
*.invalid.


-- 
Dave McKinney
Symantec

keyID: E461AE4E
key fingerprint = F1FC 9073 09FA F0C7 500D  D7EB E985 FAF3 E461 AE4E

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ