in reply to Re^3: Strict Clean JAPH
in thread Reaped: Strict Clean JAPH

Hi marto

I'd hope that this is obvious to most. It's not a good idea to send an "unknown" payload to a system which you do not own. The link I gave shows what the tool this script is based on (well, essentially is) does. It's downright dishonest to post this here under the guise of an obfuscated JAPH

Yeah, it was obvious without running the "obfuscation" that it opens a Socket and talks on it

What is not obvious is why that should be reaped

You offered a link as a reason to reap, but the link is also obfuscated :) it doesn't explain the reasoning

The posting qualifies under ?node_id=237057#obfu

The current guidelines say
To reap a highly offensive posting
Reap -- Please only do this for true troll posts and true duplicate posts.
reapage is not for useless, stupid, off-topic, and annoying nodes: ignore them
Obscure quite graphic material or material inviting legal action

So , where does sending unknown payloads to systems you don't own fall?

I think it falls under stupid/annoying...

Consider simple eval
Considered by idsfa: "Delete: Network based system exploit"! Final vote: (keep/edit/delete) = 6/4/21.
Unconsidered by davido: Keep and Edit votes were sufficient to block reaping. Caveat Emptor.

Consider Re: perl Tk help and Re^2: How should Perlmonks deal with Plagiarism? (legalese)

Hi marto

  • Comment on Re^4: Strict Clean JAPH (reap socket obfuscation)

Replies are listed 'Best First'.
Re^5: Strict Clean JAPH (reap socket obfuscation)
by marto (Cardinal) on Aug 10, 2014 at 08:25 UTC

    Point taken, it won't happen again. In my defence I felt pressured to do this quickly. A senior monk had mentioned in the CB that some investigation should be done to determine what this code does, in addition to this I couldn't be as verbose as I should have due to parenting issues. I did manage to discuss the issue in some detail in the CB a short while after raising the consideration.

[reply]

      There is no way to know what the code does... other than it being a vector for whatever code the author chooses to offer up at that IP address/port. When I saw this code I tried to download from the address but the service at that port had already been taken down.

      But it wouldn't have mattered if the code I had gotten was completely innocent. Because there is nothing to stop the author from changing what code is offered. The service can offer the same innocent code 99% of the time but add a malicious part 1% of the time.

      This type of code is simply unsafe to run. It is good that the node was reaped.

      - tye        

[reply]
[reply]
Re^5: Strict Clean JAPH (reap socket obfuscation)
by Anonymous Monk on Aug 10, 2014 at 14:06 UTC

    Where does spam/ads fall? Useless, stupid, off-topic?

[reply]
[reply]

        Sorta' sounds as though we should clear up the language of the rules

        IMO, Tye's right that code like this -- very possibly designed with malicious intent -- should be reaped.

        So, since the Gods have the authority to bless that, perhaps They should tell the sitedoc clan to fix the FAQs, etc.



        Quis custodiet ipsos custodes. Juvenal, Satires

[reply]

In Section Obfuscated Code