ctf icon indicating copy to clipboard operation
ctf copied to clipboard
verified publisher icon trailofbits

Bad links to references from within the repo

Open joshewilliams opened this issue 8 years ago • 6 comments

In several places throughout the guide, there are links to PDFs that point to files stored in this repo. Some of those links are wrong, because the 'ctf' directory in the path sometimes appear twice, for example Vulnerability Discovery -> Auditing Source contains links to PDFs for Essential C and TAOSSA Chapter 6: C Language Issues. Those links are:

https://trailofbits.github.io/ctf/ctf/vulnerabilities/references/EssentialC.pdf https://trailofbits.github.io/ctf/ctf/vulnerabilities/references/Dowd_ch06.pdf

They should be:

https://trailofbits.github.io/ctf/vulnerabilities/references/EssentialC.pdf https://trailofbits.github.io/ctf/vulnerabilities/references/Dowd_ch06.pdf

Other pages have the same issues, they are:

Vulnerability Discovery -> Auditing Webapps https://trailofbits.github.io/ctf/ctf/web/workshop/siberia.zip

Should be: https://trailofbits.github.io/ctf/web/workshop/siberia.zip

Exploit Creation -> Binary Exploits 1 https://trailofbits.github.io/ctf/ctf/exploits/references/formatstring-1.2.pdf https://trailofbits.github.io/ctf/ctf/exploits/references/tr-2007-153.pdf

Should be: https://trailofbits.github.io/ctf/exploits/references/formatstring-1.2.pdf https://trailofbits.github.io/ctf/exploits/references/tr-2007-153.pdf

Exploit Creation -> Binary Exploits 2 https://trailofbits.github.io/ctf/ctf/exploits/references/no-nx.pdf https://trailofbits.github.io/ctf/ctf/exploits/references/acsac09.pdf

Should be: https://trailofbits.github.io/ctf/exploits/references/no-nx.pdf https://trailofbits.github.io/ctf/exploits/references/acsac09.pdf

Those are the links that I found, but I'm sure I could have missed a few. Thanks for the awesome resource!

joshewilliams avatar Aug 08 '17 15:08 joshewilliams

Additionally Dino Dai Zovi and Tom Ptacek's reading lists no longer work: https://trailofbits.github.io/ctf/intro/careers.html#learn-from-a-book

briankung avatar Nov 06 '18 11:11 briankung

Thanks! Can you submit a PR to fix these relative links? Not sure how they got out of sync.

dguido avatar Nov 06 '18 17:11 dguido

I'm looking into it, but I can't recreate the issue locally (gitbook 3.2.3). I think it might be that you need ../ for relative links: https://seadude.gitbooks.io/learn-gitbook/content/chapter1/internal.html

However, locally, gitbook seems happy enough to produce the relative links without the leading ellipse: ../

I have a PR for the reading lists, however: https://github.com/trailofbits/ctf/pull/48

briankung avatar Nov 06 '18 18:11 briankung

Theoretically, if it's the leading ellipses, it should also affect these links, but it doesn't seem to:

<!-- vulnerabilities/binary.md: -->
[WinDBG x86 Cheat Sheet](/vulnerabilities/references/X86_Win32_Reverse_Engineering_Cheat_Sheet.pdf)

<!-- vulnerabilities/source.md -->
[Newspaper App](/vulnerabilities/source_workshop/news_server.c)
[Newspaper App Installer](/vulnerabilities/source_workshop/news_install.sh)

briankung avatar Nov 06 '18 18:11 briankung

Tom Ptacek's list : https://web.archive.org/web/20100611080322/http://www.amazon.com:80/An-Application-Security-Reading-List/lm/R2EN4JTQOCHNBA Dino Dai Zovi's list : https://web.archive.org/web/20161010074323/https://www.amazon.com/gp/richpub/listmania/fullview/R21POHD6Y2DOLQ

ThorodanBrom avatar Nov 11 '18 17:11 ThorodanBrom

The current lists can be found here:

  • Dino Dai Zovi: https://www.amazon.com/ideas/amzn1.account.AHMETKWTW3WIMNFDCKU6HJOTXOAQ/17DNK7MXJFZPF
  • Tom Ptacek: https://www.amazon.com/ideas/amzn1.account.AFLMETB3SIZ4WEOS2SKTP65RLQDQ/25GGLAA74Q7D4

Hopefully Amazon won't change their URLs again anytime soon, in which case the archive.org links would be handy. But until then these have already been merged in https://github.com/trailofbits/ctf/pull/48

briankung avatar Nov 11 '18 21:11 briankung