[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] [https-everywhere/master] try to detect homoglyph attacks by finding non-ASCII characters in rules

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] [https-everywhere/master] try to detect homoglyph attacks by finding non-ASCII characters in rules
From: schoen@xxxxxxxxxxxxxx
Date: Sun, 31 Oct 2010 09:09:53 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-cvs-outgoing@xxxxxxxx
Delivered-to: or-cvs@xxxxxxxx
Delivery-date: Sun, 31 Oct 2010 05:10:01 -0400
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: Seth Schoen <schoen@xxxxxxx>
Date: Sun, 31 Oct 2010 02:09:38 -0700
Subject: try to detect homoglyph attacks by finding non-ASCII characters in rules
Commit: c0a0cb4759e8b581d3b28fa407aa76467767be47

---
 pending-rules/trivial-validate |   12 ++++++++++++
 1 files changed, 12 insertions(+), 0 deletions(-)

diff --git a/pending-rules/trivial-validate b/pending-rules/trivial-validate
index 7a10988..4087338 100755
--- a/pending-rules/trivial-validate
+++ b/pending-rules/trivial-validate
@@ -32,3 +32,15 @@ then
 else
   echo "-- Could not check XML validity because xmllint not found."
 fi
+echo
+echo "-- Rules containing non-ASCII characters (possible homoglyph attacks):"
+none=true
+for i in *.xml
+do
+  if egrep '(from|to)=' "$i" | tr -d '[:print:]' | tr -d '[:space:]' | grep . >/dev/null
+  then
+    echo "$i contains non-ASCII character(s)."
+    none=false
+  fi
+done
+$none && echo "(None.)"
-- 
1.7.1

Prev by Author: [or-cvs] [https-everywhere/master] convert DOS-style \r\n line terminators to Unix-style \n
Next by Author: [or-cvs] [https-everywhere/master 1/2] user-contributed rule for Kayak
Previous by thread: [or-cvs] [https-everywhere/master] convert DOS-style \r\n line terminators to Unix-style \n
Next by thread: [or-cvs] [https-everywhere/master 1/2] user-contributed rule for Kayak
Index(es):
- Author
- Thread