Re: [Savannah-hackers-public] savannah's cgit seems to be broken or (wor
From: Askar Safin
Subject: Re: [Savannah-hackers-public] savannah's cgit seems to be broken or (worse) attacked
Date: Fri, 6 Sep 2024 11:43:44 +0300

On Thu, Sep 5, 2024 at 11:38 PM Bob Proulx <bob@proulx.com> wrote:
> Hello Askar,

I cannot reproduce this anymore.

I noticed strange links on 5 Sep at 19:25 UTC at
https://git.savannah.gnu.org/cgit/ in Chromium 121.0.6167.160 with
lots of extensions installed (but most of them are authored by me, and
I don't think they damaged the page).

But now (6 Sep 8:28 UTC) I don't see strange links in the same browser.

> Assuming that you have not installed a corporate or
> government https certificate to enable use of their MITM proxy

This was https. I use usual customer ISPs. No special certificates are
installed.

Let's look again at the original strange URL. If we URL-decode it, we
get this:

===
https://git.savannah.gnu.org/cgit/akfquiz.git/plain/srcbin/',
ScriptName, grIcon
'/cygbuild.git/tree/achatina.git/akfavatar.git/auctex.git/log/3dldf.git/8sync.git/tree/3dldf.git/tree/woodchuck.git/tree/guix/dhcp.git/rcs.git/tree/elisp-es.git/
===

This looks like SQL injection or similar. Or maybe some mishandling of
strings. I suggest searching for "ScriptName, grIcon" in your
codebase.

--
Askar Safin