I noticed that the rules of this community prohibit posting of "cheats." However, I am curious on the policy of research and educational focused focused exploits. I am looking to write some exploits to demonstrate some of the potential security issues. I am mostly interested in man in the middle attacks but I will likely also look for ways to attack a public facing server. Since Minetest seems to lack SSL I think it will be a lower hanging fruit to attack. My hope is to come up with an attack and then find fixes to patch security issues.
I absolutely realize that this could end up being used to attack public servers and to cause harm. My intention is to create awareness and to educate myself as well as others. I am posting this in order to get some feedback on my idea. I'd rather not create to much surprise.
Policy on proof of concept exploits
- Blockhead
- Moderator
- Posts: 2021
- Joined: Wed Jul 17, 2019 10:14
- GitHub: Montandalar
- IRC: Blockhead256
- In-game: Blockhead Blockhead256
- Location: Land Down Under
- Contact:
Re: Policy on proof of concept exploits
If you can help to improve the security of Minetest, you should definitely do so, it would be appreciated.
Should you find a security flaw, you should responsibly disclose it with the instructions on GitHub so the core maintainers can fix it. After a release is made with a patch and the security advisory published, you should then be able to freely discuss your findings.
MitM attacks are quite obvious on Minetest, since the only encrypted thing in the protocol is the password exchange with SRP. The main mitigating factor is we usually expect the intermediate nodes between client and server to be trustworthy. Adding encryption is tracked as issue #10206.
There are risks to both clients and servers. Client-side modding is rare, but an attack from a bad actor running a server causing an RCE would be quite bad (hypothetically). Servers face issues like breaking out of the Lua sandbox, modifying unauthorised files or other mods, malformed packets from clients, among other hypothetical scenarios.
Should you find a security flaw, you should responsibly disclose it with the instructions on GitHub so the core maintainers can fix it. After a release is made with a patch and the security advisory published, you should then be able to freely discuss your findings.
MitM attacks are quite obvious on Minetest, since the only encrypted thing in the protocol is the password exchange with SRP. The main mitigating factor is we usually expect the intermediate nodes between client and server to be trustworthy. Adding encryption is tracked as issue #10206.
There are risks to both clients and servers. Client-side modding is rare, but an attack from a bad actor running a server causing an RCE would be quite bad (hypothetically). Servers face issues like breaking out of the Lua sandbox, modifying unauthorised files or other mods, malformed packets from clients, among other hypothetical scenarios.
/˳˳_˳˳]_[˳˳_˳˳]_[˳˳_˳˳\ Advtrains enthusiast | My map: Noah's Railyard | My Content on ContentDB ✝️♂
Who is online
Users browsing this forum: No registered users and 0 guests