GithubHelp home page GithubHelp logo

cdmchat's People

Contributors

erodrigufer avatar therealchisco avatar

Watchers

avatar avatar

cdmchat's Issues

Use local variables inside shell functions

cdmchat/libs/pretty_cli_lib.sh

Line 104 in f6fa841

File=$1

This isn't an issue right now, but it probably eventually will. The variable "File" should definitely be declared as a local variable inside the shell function, because if in any other sourced script a global variable with the name of "File" was declared, its value will be changed. Good practice: always declare variables inside functions as local, then their scope will end when the function terminates, and if they share a name with a global variable, only the local variable will be used inside the function.

-> test program after declaring variable as local and closing this issue ;)

Mac OS compatibility of ncat

cdmchat/modules/message.sh

Line 40 in 0405065

format_message | fold -w 50 | ncat $server $channel

ncat does not seem to be a native shell built in on Mac OS X under this name, it is rather referred to as just nc.
-> Work on UNIX compatibility by choosing appropriate function after finding out OS with uname

Using ncat to transfer messages: tldr we are playing with fire

Linux sysadmins: Understand ncat's power to avoid accidental security risks
Let me just quote the article:

"And now you see the real danger of using ncat as root. Malicious actors will set up such a shell on a clandestine port that's missed by a port scan and have full root access without authentication."

Let's maybe say, that we are not running the shell as a command from ncat, or that we are not giving ncat sudo rights server side (which we are doing by running it with user "hap"), it is still quite a shitty implementation because we are pretty much opening a port wide open, for anyone willing to inundate the chat_log with whatever they send to this port (since it does not need any authentication to allow the transfer of data). Let's think of migrating this to ssh, or something else. (Another possible solution is to allow only authenticated messages (see digital signature) per ncat to be added to the chatlog, but I think this still makes the service vulnerable to DoS). gg

ncat reamains open after closing window

After exiting application and closing the tmux session and panes when attempting to reconnect
we get the following error
Ncat: bind to :::5214: Address already in use. QUITTING.
Perhaps it's because we are not exiting the ssh session properly

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.