Comments (2)
Played with this a bit and you are correct. While a lack of closing comment may make it impossible in some languages other Ruby-specific features make it possible in Ruby. In #9 we talked about an identifier having control codes. If we make a variable entirely control codes it becomes invisible. What I wanted to do was this:
<ctrl-codes>; return # <ctrl-codes>
Basically put two statements on the same line. One that is useless just to start the control codes. End the statement and then put my return followed by the comment and control codes so I can move my useless statement to the comment. This didn't quite work out because my local variable was not initialized causing an error. Therefore I assigned it one of the values that came into the function. Still a useless statement but it makes it run:
<ctrl-codes> = amount; return # <ctrl-codes>
The ;
really stands out but we can use the logical and
operator as an alternate method of joining two statements on the line to give the comment a more natural token. Final result:
$bank = { 'alice' => 100 }
def subtract_funds account, amount
= amount and return # # Subtract from acct the value
$bank[account] -= amount
end
subtract_funds 'alice', 50
If it wasn't for the syntax highlighting it would be a pretty convincing early return. We can do a similar trick for comment out:
is_admin = false
= true; #if is_admin # Begin block if is_admin
puts 'You are an admin'
= true; #end # End block if is_admin
To answer my own question, I think the general answer is languages without a closing comment token are safe from these two strategies but other language characteristics may enable them again. Going to go ahead and close this issue since I think it's fairly well explored.
from trojan-source.
This is a fantastic topic, and my inclination is to say the answer is "yes". As you imply, the stretched string technique should work as long as the interpreter supports the Unicode tokens (although I haven't tested anything in Ruby).
That said, there may be other (perhaps Ruby-specific ways) of implementing early-return and commenting-out attacks. If so, I'd be interested to see what they and if they generalize to other language settings.
Let's leave this issue open and see if anyone has any Ruby-specific suggestions for techniques that could implement these two attacks.
from trojan-source.
Related Issues (12)
- Python3 returns syntax error: HOT 1
- Does an homoglyphe function concerned by Trojan source? HOT 1
- Could we help developers detect and prevent issues of trojan source in their projects? HOT 8
- invisible-function.c and homoglyph-function.c cant be build with gcc <= 9.1, but successful with gcc 11.2
- The attack is known, not novel HOT 9
- Doubt regarding early-return.py example HOT 4
- Tools to detect possible attacks HOT 1
- ඞ
- That's poor editor attack vector not compiler/code/interpreter HOT 2
- Provide an example of propper use for reference HOT 1
- Variations on Stretched String HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from trojan-source.