On Sat, 3 Oct 2009, Warren Togami wrote:
Can't trust those results yet. The trailing slash bug, and John Rudd might be correct about whitespace?
I doubt whitespace will be a problem. That would break the parser before it even got to the rule, and while "dom%20name.cn" might be syntactically valid would a registrar ever _accept_ such a domain name?
Examples solicited.
[^./]{8}\.cn
Actually, doesn't this match other characters that shouldn't be in a
domain name?
...is _anything_ (apart from periods) excluded from domain names these days? :)
Changed to \w{8} for testing. Can you provide examples of needing more than \w?
Then there are "valid" URL's like http://password:usern...@example.com/ not matched by this rule.
The URI parser apparently discards username:password@ from URIs: [6788] dbg: rules: ran body rule ALL_BODY ======> got hit: "http://fnord:b...@87654321.cn"; [6788] dbg: rules: ran uri rule CN_EIGHT ======> got hit: "http://87654321.cn";
Could you please add the following to the sandbox before tomorrow?# from http://www.apnic.net/db/ranges.html at 20091002, meta bits added # 20090930# copied from khop-bl.sa.khopesh.comheader __RCVD_VIA_APNIC Received =~ /(?-xism:[^0-9.](?:2(?:0(?:2(?:\.1(?:2(?:3\.(?:0?(?:[4-9][0-9]|3[2-9])|[12][0-9]{2})\.[012]?[0-9]{1,2}|[^3]\.(?:012]?[0-9]{1,2}){2})|[^2]3\.(?:012]?[0-9]{1,2}){2})|(?:\.[02]?[0-9]{1,2}){3})|3(?:\.[012]?[0-9]{1,2}){3})|(?:1[0189]|2[012])(?:\.[012]?[0-9]{1,2}){3})|1(?:(?:2[0123456]|8[023]|1\d|75)(?:\.[012]?[0-9]{1,2}){3}|69\.2(?:1[0-9]|2[0-3]|0[89])(?:\.[012]?[0-9]{1,2}){2})|(?:5[89]|6[01])(?:\.[012]?[0-9]{1,2}){3})(?:[\]\)\s]))/describe __RCVD_VIA_APNIC Received through a relay in Asia/Pacific Network meta CN_EIGHT_NOAPNIC CN_EIGHT && !__RCVD_VIA_APNIC && !ALL_TRUSTED describe CN_EIGHT_NOAPNIC .cn URI exactly 8 characters long, excluding APNICOne silly arbitrary rule, excluding prejudiced rule. This is still unsafe but should show us some interesting numbers.
Done. Not sure if the nightly is already running or not... -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- USMC Rules of Gunfighting #6: If you can choose what to bring to a gunfight, bring a long gun and a friend with a long gun. ----------------------------------------------------------------------- Approximately 9127320 firearms legally purchased in the U.S. this year
