General rule for preventing injection: check the input for bad characters. And by bad here I mean not known to be good. And if you see any that are not good, reject the command, or if you must, filter. Also look for meaningful words or symbols that mean something to the recipient. Backtick is a good example of that. There may be word escapes or other things that will cause problems. And of course check your output. When you send something over, check to see whether or not you're sending over something that could be misinterpreted as, for example, a command or instruction. This can be done at the client level as well as at the server level, but it should definitely be done at the server level to be sure what you're getting is not going to cause problems.

Okay, so now here's a little one-minute puzzle for you all. If you look at xterm and a number of other terminals, they have what is called block send. And the idea behind this is when you're filling out a form on such a terminal, you fill out a field and then the field gets sent back to the computer using a block send. And what we discovered in 2008 was some xterms are, and there is an example of the block send sequence. It began with an escape, the up arrow open bracket, really an octal 33, escape. Then the P, dollar sign, Q, okay? And then you would have the string to send back to the system as though these were typed in. Then you would have another Escape, and a backslash would say okay, stop here. So in other words the Escape P dollar sign Q said everything from here on, until you see the end of the block send sequence, is to be sent to the computer. And then the Escape backslash says okay, end the block send sequence. The question here is, what's bad about this? I'll give you a minute to think about it.

All right, time's up. Here's the problem. Suppose that string is in a file or email message, and the string is something like delete all files. When root reads that log file or email message, that string is going to be sent to the terminal. And so the command string to send will be sent back to the system as though I had typed it at the terminal. And so for the mail command, if I use the exclamation point, that gets me to a command interpreter with my privileges. So I put exclamation point RM dash RF star exclamation point, or whatever the escape is: delete, delete everything. Sure enough, it will go ahead and execute it.

So how do you fix this? Well, the key to fixing this here is that escape character. Every sequence involving block send always begins with an escape character. So what we have to do is make sure the terminal does not interpret that Escape character as a literal escape. And the way around this is to represent any control character, non-printing character, as two characters: the up arrow followed by the printing version. And if you look in the table of ASCII characters, a square bracket is, I think, 16 or eight above the escape. To make the escape character printable, what they do is they put an up arrow to show it's a control character and then an open bracket. So when you go in the table and look down, you'll see it's above the escape. This is a very, very good example of why you need to filter things carefully, and know what you're filtering them for. Because the way one terminal or one recipient reacts may not be the same as how another one will react. In other words, check your inputs, check them carefully, and if you're sending outputs, check those carefully to be sure that they won't mess up whoever is using the output device.

So what are the key ideas or most important points here? First, check all inputs you don't control. If you don't control it, don't trust it. Secondly, don't use blacklists, because those allow you to block known bad things. They don't allow you to block unknown bad things. A whitelist does, because all that's there is known to be good, period. And also, as before, check for problems at both the client and the server. Because if you only check the client, then I'm my own client, and if I only check the server, I may miss something. Because I want to know about the environment with the other end. And that ends Lesson 5.
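The reject-or-filter rule and the "up arrow plus printing character" fix from the lecture, as an added Python example that is not part of the lecture or its course materials. It assumes the standard caret convention (the printable form of a control code is `^` followed by the character 0x40 above it, so ESC becomes `^[`), and the log line it filters is constructed to contain a sequence of the ESC P $ q ... ESC \ shape described above.

```python
import re

# Allow-list: printable ASCII plus the whitespace a log line legitimately
# contains. Anything else is "not known to be good".
ALLOWED = re.compile(r"[\x20-\x7e\t\n]")

def is_allowed(text: str) -> bool:
    """True only if every character in text is known to be good."""
    return all(ALLOWED.fullmatch(ch) for ch in text)

def make_printable(text: str) -> str:
    """Rewrite non-printing characters so a terminal displays them instead
    of interpreting them: C0 controls become caret notation (ESC -> '^[',
    since 0x1B + 0x40 == 0x5B == '['), DEL becomes '^?', and 8-bit C1
    controls or other non-ASCII become Python-style \\x.. / \\u.... escapes."""
    out = []
    for ch in text:
        code = ord(ch)
        if code < 0x20 and ch not in "\t\n":
            out.append("^" + chr(code + 0x40))
        elif code == 0x7F:
            out.append("^?")
        elif code > 0x7E:
            out.append(ch.encode("unicode_escape").decode("ascii"))
        else:
            out.append(ch)
    return "".join(out)

def safe_for_terminal(line: str) -> str:
    """Apply the lecture's rule to output: pass lines that are entirely
    known-good through unchanged, otherwise filter them into printable form."""
    return line if is_allowed(line) else make_printable(line)

# Constructed sample: an untrusted log line embedding a block-send style
# sequence (ESC P $ q <text> ESC \) that a terminal might echo back as input.
SAMPLE_LOG_LINE = "login failed for user \x1bP$qecho pwned\x1b\\ from 10.0.0.5\n"

if __name__ == "__main__":
    print(safe_for_terminal(SAMPLE_LOG_LINE), end="")
```

Because the check is an allow-list, a new control sequence a terminal learns to honour is still neutralised: it can only be built from characters the filter never passes through unescaped.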