lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20041013200452.GM3218@suespammers.org>
From: rodrigob at suespammers.org (Rodrigo Barbosa)
Subject: Possibly a stupid question RPC over HTTP

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is called, in my experience, XML-RPC (google search with lots
of results). Reference: http://www.xmlrpc.com/spec

Yes, it is a Remote Procedure Calling implementation. No, it is not
the same things that the good old udp based RPC used for things
like NIS and NFS. References: RFC 1057 and RFC 1831.

That can be the source of confusion. Akin names.

On Wed, Oct 13, 2004 at 11:37:12AM -0400, Daniel H. Renner wrote:
> Daniel,
> 
> Could you please point out where you read this data?  I would like to
> see this one...
> > This may just reflect my ignorance, but I read (and found hard to
> > believe) that Microsoft has implemented RPC over HTTP. Is this not a
> > HUGE security hole? If I understand it correctly it means that good old
> > HTML or XML can invoke a process using standard web traffic (port 80)?
> > Is there any permission checking done? what things can be invoked by RPC
> > over HTTP? Jeeze, to me it looks like the barn door is now wide open. Am
> > I right, and if so, how can I detect RPCs in web traffic to block this
> > junk? Can ANY stateful packet filter see this stuff or is the pattern
> > too broad in allowed RPCs?
> > 
> > Again, I hope this is not a stupid question or inappropriate format for
> > this, as somebody else recently said, there is already enough noise on
> > this list. I would hate to see this list degenerate, it has been REALLY
> > valuable to me as a network engineer on occaison.

- -- 
Rodrigo Barbosa <rodrigob@...spammers.org>
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFBbYoGpdyWzQ5b5ckRAsMMAJ0bg5ygvKOa1Du66mbW9+gkYfTqVACfewf0
PPz66l4bre4Gtn1J4dYl6AQ=
=ZAmy
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ