火球法师
精华
|
战斗力 鹅
|
回帖 0
注册时间 2019-1-30
|
前阵子gpg的公钥服务器又炸了,搜资料的时候发现这玩意的用户可填的邮件地址居然是个2000+字符长度的任意字符串
然后基于公钥服务器的原则,这个公钥被上传到服务器后就没法被删除...https://zhuanlan.zhihu.com/p/347396279
见"滥用"节
用于自动切割并上传文件的脚本仓库说明
So this basically works because you can have a UID(email address) that is 2048 characters in your PGP key, and from what I understand an unlimited amount of UIDs, perfect for dumping data on to the key-servers, Adding UIDs is a slow process by hand so I automated it using python, so you could dump any kind of file on the key servers. With some simple modifications you can dump plain text on to the key-servers containing any content you choose and watch it propagate through all the key-servers around the world. Once that has completed, the data is essentially impossible to be removed as said by the sks key-server Maintainer himself Kristian Fiskerstrand.
|
|