Abstract
The Hindu proxy is a mecanish for tunneling connections over networks which have gone thru a certified stupid security (CSS) clearance which esencially blocks the normal networking tools, like ssh, telnet, http, et all.
1. Overview of operations
When a capable human being needs to access a resource block by a policy implemented by the CSS, he/she needs to connect to a hindu proxy in order to accomplish a task, such as running cat on a file.
The luser connect to any chat service which is pre-connected to the hindu proxy, and sends a hi request.
The hindu proxy replies with a random phrase which normally means hi.
The luser being should write a request for the server with the server, protocol, user and pass, which must be pass in clear text.
The process above needs to be repeated until the luser receives a valid ack.
The luser should send a series of shell commands which must be sequential and can’t be chained together, to which he must be sure won’t fail to be parsed by whatever shell environment the hindu proxy connected to, ways to determine the actual shell are left to the implementer and will vary from vendor to vendor.
The hindu proxy will have a buffer of 1 command which may not be longer than the current lenght of his chat window, overflows will be ignored or interpret as carriage returns.
The hindu proxy will copy&paste the request from the chat into the shell, the actual method is implementation dependant, as well as the handling of errors and overflows.
The hindu proxy will wait a random ammount of time for a response from the real server, after which it will send the response “it’s not working”
If the above timeout is never reach the hindu proxy will utilize the above copy@paste rutine to send the results back to the luser
2. Error handling
All errors reported by the server may or may not be proxied back to the luser
All errors reported by the hundi proxy may or may not be proxied back to the luser
All errors reported by the IM system may or may not be proxied back to the luser
3. The copy&paste protocol
The hindu proxy may implement several ways of transfering data, the recommended implementation is to relay the operation to the underliying operating system, although must implementations today utilze the “read,switchwindow,type” protocol
4. Security considerations
This protocol is vulnerable to the following:
- someone reading you IM window
- someone reading the hindu’s IM window
- the hindu leaving his workstation unlock
- anyone with access to the hindu workstation as the log files have read access to everyone by default
- Any sniffing software
In case you didn’t notice that was a joke, as per warchief request there is an editable version here
5 comments ↓
Don’t you think it’s a little racist/offending to post something like this on a blog, out to the world? Just as I don’t like being thought of noisy/dummy/untrustworthy/disrespectful of laws just because I’m dominican (many dominicans are those things), I would think people from India wouldn’t like to be labeled just cause some of them may fall on the categories you listed.
In short geek terms, stereotypes = FTL
no idea what FTL means, probably I’m not that geeky
Dude it’s a joke come on…
Don’t like the comment either.
Is there a non geeky, non computer subject… or is that in another blog?
Sure, it’s a joke, and sure it may be funny under certain situations. But you’re doing it on a blog, out the world, meaning, many people may read it, including those who you are referring to. What’s to stop them from taking it as an personal insult?
PS: FTL = for the loose.
@ogre are you referring to the personal diary thingy? I don’t do that.
@ivan if it makes you fell better last week we implemented the hundi proxy over a gringo.
Leave a Comment