Language:
switch to room list switch to menu My folders
Go to page: First ... 63 64 65 66 [67] 68
[#] Sat Feb 01 2025 15:51:02 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

lol and back to scumbags..   

servicenow. hit their documentation pages, my entire browser is covered in "you got an ad block and cant load some content" slide outs ( i have popups blocked, they got around that  ) .  They eventually time out. But if you scroll, you get more.  According to Ublock, it removed over 40% of the page.    F-these people.   I ll be glad when i'm out of here.   i have never experienced such a bad company and terrible product in my life.  I thought Oracle was the top tier of scum. But no.

 

if i move to another entity later this year and not just retire, first question: "Do you now, or do you ever plan, on using service now" if yes, i walk out. ( or if its a virtual interview, just turn it off. )



[#] Sun Feb 02 2025 20:48:02 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

( 2nd attempt to post after that above strangeness..  )

 

Did we get hacked, or someone find a way to break a room ( or ami broke :) )? And for what its worth when i posted in woof zone, and while it did apparently post, i was instantly transported here instead, with that mess above. 



[#] Mon Feb 03 2025 14:14:30 UTC from IGnatius T Foobar

Subject: Script injection attacks don't work here.

[Reply] [ReplyQuoted] [Headers] [Print]

We haven't been hacked, but some lowlife is trying:

Bottom Feeders> . Read User listing: katana
User Name                               Last Login
---------------------------------------------------------------- --------------
katana                                                           2025-02-03
katana;echo $((197 + 494))&echo $((197 + 494))                   2025-02-02
katana;echo $((7608 + 6438))&echo $((7608 + 6438))               2025-02-01
katana;echo XRGHKF$((94+17))$(echo XRGHKF)XRGHKF                 2025-01-18
katana'mLyZOU<'">uvKwpW                                          2025-01-17
katana'OROLvD<'">YfcWzW                                          2025-01-17
katana.print(system(phpinfo()))                                  2025-02-02

Hey there "katana", if you're reading this, script injection attacks can never work here.  Our server architecture makes it impossible.  Even if you managed to get the web code to misbehave, you'd still only be able to work within the confines of your own user session.  And guess what, kiddo: the protocol the web server uses to talk to the back end is both exposed to the public and fully documented.



[#] Mon Feb 03 2025 14:32:33 UTC from Nurb432

Subject: Re: Script injection attacks don't work here.

[Reply] [ReplyQuoted] [Headers] [Print]

lowlifes such as this need to be taken out to the square for presentation, then taken out back to turn them into fertilizer, like we did in medieval times.



[#] Mon Feb 03 2025 17:07:08 UTC from Nurb432

Subject: Re: Script injection attacks don't work here.

[Reply] [ReplyQuoted] [Headers] [Print]

Still at it.. new username popped up. Same idea just different numbers in the 'injection' part.



[#] Mon Feb 03 2025 18:32:19 UTC from darknetuser

Subject: Re: Script injection attacks don't work here.

[Reply] [ReplyQuoted] [Headers] [Print]

2025-02-03 14:14 from IGnatius T Foobar
Subject: Script injection attacks don't work here.
We haven't been hacked, but some lowlife is trying: Bottom
Feeders> . Read User listing: katana User Name Last Login
----------------------------------------------------------------
-------------- katana 2025-02-03 katana;echo $((197 +
494))&echo $((197 + 494)) 2025-02-02 katana;echo $((7608 +
6438))&echo $((7608 + 6438)) 2025-02-01 katana;echo
XRGHKF$((94+17))$(echo XRGHKF)XRGHKF 2025-01-18
katana'mLyZOU<'">uvKwpW 2025-01-17
katana'OROLvD<'">YfcWzW 2025-01-17
katana.print(system(phpinfo())) 2025-02-02

Hey there "katana", if you're reading this, script injection
attacks can never work here.  Our server architecture makes it
impossible.  Even if you managed to get the web code to
misbehave, you'd still only be able to work within
the confines
of your own user session.  And guess what, kiddo: the protocol
the web server uses to talk to the back end is both exposed to
the public and fully documented.


That, and Citadel is not PHP software.

[#] Mon Feb 03 2025 19:18:32 UTC from Nurb432

Subject: Re: Script injection attacks don't work here.

[Reply] [ReplyQuoted] [Headers] [Print]

Ya, i thought the same thing: They didn't do their research :)

Mon Feb 03 2025 18:32:19 UTC from darknetuser Subject: Re: Script injection attacks don't work here.

That, and Citadel is not PHP software.

 



[#] Mon Feb 03 2025 23:36:46 UTC from IGnatius T Foobar

Subject: Re: Script injection attacks don't work here.

[Reply] [ReplyQuoted] [Headers] [Print]

That, and Citadel is not PHP software.

Yes, there is that. :)

I suppose there could be two different objectives for an attacker. One would be to gain privileged access to the site. This is of course impossible, since the web server runs without privilege. The level of access one could achieve by breaking out of the intended session path is the same level of access we give all users, free for the taking.

The other objective, and possibly the more likely one, is that they just want to find a way to get it to offer them a shell. Then they can use the server as part of a botnet or something. Is such an attack possible? I'll bet it is. They'd need to download the source code for Citadel, figure out where it might have a *native* exploit (like a buffer overrun or something) and then penetrate the target system. If they were foolish enough to target the lead developer's own system they'd have less than a day before they were caught and locked out.

But of course, neither of these objectives will be achieved with script injection attacks, since we're not using PHP, we're not using SQL, we're not using any technology from which a script injection attack can do anything other than make your script crash. Because this software is written by maniacs who still develop everything in C except for the client-side browser interface. So go pick on the Rust zealots or something.

[#] Mon Feb 03 2025 23:39:13 UTC from Nurb432

Subject: Re: Script injection attacks don't work here.

[Reply] [ReplyQuoted] [Headers] [Print]

#3 would to be just to crash things.. "let it burn" so to speak.



[#] Tue Feb 11 2025 18:27:20 UTC from IGnatius T Foobar

Subject: Still at it.

[Reply] [ReplyQuoted] [Headers] [Print]

User Name Last Login
---------------------------------------------------------------- --------------
katana 2025-02-10
katana;echo $((197 + 494))&echo $((197 + 494)) 2025-02-02
katana;echo $((7608 + 6438))&echo $((7608 + 6438)) 2025-02-01
katana;echo $((779 + 4143))&echo $((779 + 4143)) 2025-02-03
katana;echo XRGHKF$((94+17))$(echo XRGHKF)XRGHKF 2025-01-18
katana;id 2025-02-11
katana'mLyZOU<'">uvKwpW 2025-01-17
katana'OROLvD<'">YfcWzW 2025-01-17
katana{${print(`echo 2025-02-11
katana.print(system(phpinfo())) 2025-02-02

Everyone feel free to send hate mail to the main "katana" account.

[#] Tue Mar 18 2025 11:57:48 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

"Come March 28, those who opted to have their voice commands for Amazon's AI assistant Alexa processed locally on their Echo devices will lose that option, with all spoken requests pushed to the cloud for analysis."

 

All your data is ours. And the government.

 

"this is swat, open up or we kill you, we heard you threaten your spouse at 9:43pm"  "it was a freaking tv sho..   boom"



[#] Sat Apr 05 2025 13:49:45 UTC from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

Ya, for just under 4 years, until its no longer 'politically beneficial' , then it will come back. And they will look at everyone history during that period, start bouncing people, and reporting them to the new federal administration as 'dissidents', to be rounded up for re-education. Zuckerburg is a scumbag just like Musk, dont trust him either.  

I do find it interesting its 'in the US'.  Money still wins over correctness. Cant lose that UK market. Nope.

 

~~~~~~~~~~~~~~~~

 

"Meta will shutter its fact-checking program across Facebook, Instagram and Threads on Monday, marking a major shift in the company’s content moderation strategy.

 

The announcement follows a January pledge by CEO Mark Zuckerberg to dial back censorship and restore “free speech” on Meta-owned platforms. Going forward, Meta will adopt a system modeled after X’s “Community Notes,” allowing users to affix context to posts with no penalties or content suppression — effectively ending the era of third-party fact-checkers rating and flagging information.

 

“By Monday afternoon, our fact-checking program in the US will be officially over,” Joel Kaplan, chief global affairs officer at Meta, wrote on X. “That means no new fact checks and no fact checkers. We announced in January we’d be winding down the program & removing penalties. In place of fact checks, the first Community Notes will start appearing gradually across Facebook, Threads & Instagram, with no penalties attached.”



[#] Mon Apr 14 2025 00:46:44 UTC from IGnatius T Foobar

Subject: This bottom feeder is still at it. Here's what I wrote to it.

[Reply] [ReplyQuoted] [Headers] [Print]

2025-04-13 20:45 from IGnatius T Foobar to katana
Subject: I see you
I see you, still trying to break this site with dictionary attacks.
What do you think is going to happen if you make it break? Do you
think you're going to get admin on the site? Do you think you're going
to get root on the server? You clearly don't know how this software
works because neither of those things are possible here.

May you wallow in freakish misery forever.

Feel free to dogpile this idiot.

[#] Thu May 22 2025 01:57:51 UTC from IGnatius T Foobar

Subject: Minecraft bottom feeders

[Reply] [ReplyQuoted] [Headers] [Print]

I didn't even know this was a thing. Apparently having a Minecraft server enrolls you in the "you will be very quickly port scanned" club just as fast as an SSH server or an SMTP server. My son started playing again so we set up a server. This was less than a week ago. Today we found, just days after launch, that some piece of shit from across the pond logged in and placed a bunch of permanent spam banners across the top of the screen and spawned a bunch of creatures that basically just laid waste to the entire world.

This is one more reason why the world would be a better place if I had access to nuclear weapons.

It turns out you can't do username/password authentication on a Minecraft server. You can whitelist usernames but only in "online mode" which means it has to be tied back to the mothership, which also means you can't use a pirated Minecraft. It'll be a cold day in hell before I give money to Microsoft.

We run in "offline mode" which is badly named because it isn't actually offline, it just isn't tethered back to the mothership. So for the time being I just took it off the Internet and we're running it only on the home network. I've heard there are mods available which can do passwords in a clunky way (I think you have to chat with it, like IRC). Although I bet it would be sufficient to just run it on a non standard port number, if the server is not being public advertised.

[#] Thu May 22 2025 15:18:00 UTC from Nurb432

Subject: Re: Minecraft bottom feeders

[Reply] [ReplyQuoted] [Headers] [Print]

I bet any online game does that. ( well, not the game itself, but you know what i mean )



[#] Thu May 22 2025 23:37:23 UTC from zelgomer

Subject: Re: Minecraft bottom feeders

[Reply] [ReplyQuoted] [Headers] [Print]

Use Tinc, create a friendnet, only open the server to the vpn.

[#] Fri May 23 2025 00:18:51 UTC from darknetuser

Subject: Re: Minecraft bottom feeders

[Reply] [ReplyQuoted] [Headers] [Print]

2025-05-22 15:18 from Nurb432
Subject: Re: Minecraft bottom feeders
I bet any online game does that. ( well, not the game itself,
but you know what i mean )


I operate a small set of online games and the servers don't call home. But yeah Minecraft was one of the first popular games that started being invasive, required being online for registering your copy and such crap. This is the main reason I didn't get into Minecraft back in the day: I didn't have fucking Internet to enable the game.

[#] Fri May 23 2025 13:53:42 UTC from Nurb432

Subject: Re: Minecraft bottom feeders

[Reply] [ReplyQuoted] [Headers] [Print]

I wasn't meaning the actual game servers that were 'bad', just that when you play some multiplayer games your IP 'leaks' to opponents, so the bad actors grab and use those.

Fri May 23 2025 00:18:51 UTC from darknetuser Subject: Re: Minecraft bottom feeders
2025-05-22 15:18 from Nurb432
Subject: Re: Minecraft bottom feeders
I bet any online game does that. ( well, not the game itself,
but you know what i mean )


I operate a small set of online games and the servers don't call home. But yeah Minecraft was one of the first popular games that started being invasive, required being online for registering your copy and such crap. This is the main reason I didn't get into Minecraft back in the day: I didn't have fucking Internet to enable the game.

 



[#] Fri May 23 2025 13:58:12 UTC from IGnatius T Foobar

Subject: Re: Minecraft bottom feeders

[Reply] [ReplyQuoted] [Headers] [Print]

Use Tinc, create a friendnet, only open the server to the vpn.

That's probably close to how it will end up eventually (although I hadn't heard of Tinc ... looking at that, it looks a lot like Tailscale)

For now we just closed up access from the outside, since there are only two of us playing and we're both on the local network.  He's sort of on the fence about who we're going to let in now.  If it's just people we know in meatspace, we can set them up with VPN or just run the server on a sooper-seekrit high-numbered port.  

As for Minecraft itself, turns out it's pretty easy to pirate.  I think Notch was ok with that, but M$ probably feels differently :)



[#] Fri May 23 2025 14:07:38 UTC from Nurb432

Subject: Re: Minecraft bottom feeders

[Reply] [ReplyQuoted] [Headers] [Print]

Why bother? just use opensource Minetest or something.    

Fri May 23 2025 13:58:12 UTC from IGnatius T Foobar Subject: Re: Minecraft bottom feeders
As for Minecraft itself, turns out it's pretty easy to pirate.  


 



Go to page: First ... 63 64 65 66 [67] 68