Exploiting Protocols for Fun

Oct 22, 2022

What happens when protocols are used for wildly different purposes than their intended ones?

A filesystem over ping – "true cloud storage" uses the small number of bytes that can be stored in a ping payload that must be returned to the sender. PingFS implements a FUSE endpoint that continuously sends the files over ping to keep them "alive" without having to write to an actual filesystem.

A filesystem over DNS – Ben Cox found open DNS resolvers that would cache his data in TXT records.

IPv4 through DNS – Tunnel IP data through a DNS server. Useful for bypassing an internet firewall where only DNS queries are allowed. One way to get free WiFi on an airplane (a bit slow on today's internet).

Battleships over BGP – Ben Cox also found that you could share a small amount of arbitrary data via BGP communities – extra data that is often used for traffic engineering or dynamic routing policies. He used this to play Battleships with a peer. You can read a short intro on BGP here, motivated by Facebook's global outage last year around this time.

Outside of protocols, there's the list of Accidentally Turing Complete programs that provide an (unintentional) escape hatch to run other arbitrary programs. As well as steganography, e.g., encoding arbitrary data into image files.