jeztek / deadchat Goto Github PK
View Code? Open in Web Editor NEWgroup chat with end-to-end encryption
License: BSD 3-Clause "New" or "Revised" License
deadchat's Issues
deadchat leaks username on connect or disconnect from a room
Ok, got the Go server running on an Ubuntu 13.04 box, as well as the Python client.
Running
tcpdump -i lo -vvv -s0 -X port 6150gives me packets such as this when connecting or disconnecting:
00:17:01.973799 IP (tos 0x0, ttl 64, id 41295, offset 0, flags [DF], proto TCP (6), length 73)
localhost.6150 > localhost.42817: Flags [P.], cksum 0xfe3d (incorrect -> 0x345e), seq 1:22, ack 12, win 342, options [nop,nop,TS val 23308011 ecr 23308011], length 21
0x0000: 4500 0049 a14f 4000 4006 9b5d 7f00 0001 E..I.O@.@..]....
0x0010: 7f00 0001 1806 a741 5404 07a4 4896 6520 .......AT...H.e.
0x0020: 8018 0156 fe3d 0000 0101 080a 0163 a6eb ...V.=.......c..
0x0030: 0163 a6eb de00 0000 1004 4c65 6674 7920 .c........Lefty.
0x0040: 636f 6e6e 6563 7465 64 connected
00:21:57.311943 IP (tos 0x0, ttl 64, id 41298, offset 0, flags [DF], proto TCP (6), length 76)
localhost.6150 > localhost.42817: Flags [P.], cksum 0xfe40 (incorrect -> 0x8086), seq 167:191, ack 144, win 342, options [nop,nop,TS val 23381846 ecr 23381846], length 24
0x0000: 4500 004c a152 4000 4006 9b57 7f00 0001 E..L.R@[email protected]....
0x0010: 7f00 0001 1806 a741 5404 084a 4896 65a4 .......AT..JH.e.
0x0020: 8018 0156 fe40 0000 0101 080a 0164 c756 [email protected]
0x0030: 0164 c756 de00 0000 1304 4c65 6674 7920 .d.V......Lefty.
0x0040: 6469 7363 6f6e 6e65 6374 6564 disconnected
Leaking a username in plain text is probably not desireable in this case, especially as SSL is not yet implemented.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.