|
anthonypants posted:le mods
|
#
?
Feb 13, 2015 00:15
|
|
|
|
| # ? Jun 7, 2024 04:49 |
|
|
please update the dns for security.yospos.net thanks
|
|
#
?
Feb 13, 2015 00:48
|
|
|
Segmentation Fault posted:reddit mods were le? color me shocked this is a good joke.
|
|
#
?
Feb 13, 2015 00:50
|
|
|
FCKGW posted:reddit has a subreddit for buying fake ids This is glorious.
|
|
#
?
Feb 13, 2015 07:14
|
|
|
[–]MousseNuckle 8 points 38 minutes ago Elite offered me a free ID in exchange for a pic of my real one about two weeks ago. Now my address seems to be flagged by customs. PM me for more info permalinksavereportgive goldreply
|
|
#
?
Feb 13, 2015 07:36
|
|
|
vOv posted:[–]MousseNuckle 8 points 38 minutes ago Elite offered me a free ID in exchange for a pic of my real one about two weeks ago. Now my address seems to be flagged by customs. PM me for more info permalinksavereportgive goldreply lmao at first i figured most of the people on there would have been dumb teenagers looking for fake ids so they could get alcohol but now that i think about it it was probably just a bunch of older people (apparently with real ids of their own even) using them for i dont even want to know what
|
|
#
?
Feb 13, 2015 07:43
|
|
|
vOv posted:[–]MousseNuckle 8 points 38 minutes ago Elite offered me a free ID in exchange for a pic of my real one about two weeks ago. Now my address seems to be flagged by customs. PM me for more info permalinksavereportgive goldreply jesus christo
|
|
#
?
Feb 13, 2015 08:19
|
|
|
i pmmed some random reddit user my credit card details and they stole money from me what to heck 
|
|
#
?
Feb 13, 2015 08:42
|
|
|
Jewel posted:i pmmed some random reddit user my credit card details and they stole money from me what to heck it's like bitcoin but with real money
|
|
#
?
Feb 13, 2015 10:15
|
|
|
Nintendo Kid posted:your conspiracy theory is that samsung will come back to a tv in 2 years to change the ads and make it upload everything you ever say to the nsa. noted. but yeah Main Paineframe posted:why would they bother adding audio sniffing functionality to tvs when you carry around a device with a microphone and network capabilities literally all day long
|
|
#
?
Feb 13, 2015 10:48
|
|
|
OSI bean dip posted:http://failheap-challenge.com/showthread.php?12731-Once-upon-a-time-these-guys-took-the-meta-seriously http://www.tentonhammer.com/node/65475
|
|
#
?
Feb 13, 2015 11:05
|
|
|
Saw someone tweet this just a little bit ago:quote:logging into a mysql shell prints password to logs. 
|
|
#
?
Feb 13, 2015 13:28
|
|
|
Jewel posted:Saw someone tweet this just a little bit ago: 
|
|
#
?
Feb 13, 2015 13:38
|
|
|
Jewel posted:Saw someone tweet this just a little bit ago: depends on how you do it if you do it like a chump then yeah
|
|
#
?
Feb 13, 2015 13:41
|
|
|
spankmeister posted:depends on how you do it if there's a chump way that does it there shouldn't be
|
|
#
?
Feb 13, 2015 14:17
|
|
|
Jewel posted:Saw someone tweet this just a little bit ago: What ? do you mean the shell history ?
|
|
#
?
Feb 13, 2015 14:34
|
|
|
Beeftweeter posted:lmao actually i can't think of what you could use them for other than underage drinking, since anything else would almost certainly be background checked and they would very quickly find out you're not the real hugh jazz
|
|
#
?
Feb 13, 2015 18:24
|
|
|
univbee posted:hugh jazz Immanuel Percius Freely TYVM
|
|
#
?
Feb 13, 2015 18:28
|
|
|
univbee posted:actually i can't think of what you could use them for other than underage drinking, since anything else would almost certainly be background checked and they would very quickly find out you're not the real hugh jazz in some parts of the us, pharmacies limit the amount of certain drugs and things (that contain precursors to meth - cough syrup, nail polish, whatever) that each individual can buy. you have to show photo id, and they keep track of how much everyone buys. so meth cookers.
|
|
#
?
Feb 13, 2015 18:28
|
|
|
also to give fake info when you trade in your buttcoins tho you wouldnt really need a physical id for that just a photoshopped one
|
|
#
?
Feb 13, 2015 18:45
|
|
|
Jewel posted:Saw someone tweet this just a little bit ago: it also shows up in ps if you do it the wrong way. idiot cjs.
|
|
#
?
Feb 13, 2015 19:01
|
|
|
gonna hack this panini haha. but no im really hungry! haha
|
|
#
?
Feb 13, 2015 19:02
|
|
|
https://www.whitehouse.gov
|
|
#
?
Feb 13, 2015 19:02
|
|
|
Winkle-Daddy posted:it also shows up in ps if you do it the wrong way. idiot cjs. list of circumstances where a program should be outputting the password in plaintext to a log file:
|
|
#
?
Feb 13, 2015 19:05
|
|
|
Main Paineframe posted:list of circumstances where a program should be outputting the password in plaintext to a log file: do you keep .bash_history turned off or do you just know better than to run 'command --username:root --password:p4ssw0rd!' from the terminal
|
|
#
?
Feb 13, 2015 19:08
|
|
|
also make sure you turn off sshd logs in case someone accidentally types their password into a username field by accident
|
|
#
?
Feb 13, 2015 19:11
|
|
|
Main Paineframe posted:list of circumstances where a program should be outputting the password in plaintext to a log file: MySQL isn't what's writing the password. Passing the password to MySQL as an argument gets it written to the .bash_history
|
|
#
?
Feb 13, 2015 19:22
|
|
|
maybe the os should just recognize it looks like a password and not write it to any logs???
|
|
#
?
Feb 13, 2015 19:28
|
|
|
mysql itself at least is smart enough to scrub it from the command environment so you can't see it in ps or /proc
|
|
#
?
Feb 13, 2015 19:36
|
|
|
You're right! I thought that used to show upcode:
|
|
#
?
Feb 13, 2015 19:40
|
|
|
why the hell would you type your password on the command line when you can mysql -u root -p and then tell it when it asks. This is not a secfuckup but a user fuckup.
|
|
#
?
Feb 13, 2015 19:45
|
|
|
you know it's because a bunch of people just have shell scripts all over the place with "mysql -u root -p hunter2" in them
|
|
#
?
Feb 13, 2015 19:46
|
|
|
anthonypants posted:do you keep .bash_history turned off or do you just know better than to run 'command --username:root --password:p4ssw0rd!' from the terminal sorry, i use a real os, not a child's toy
|
|
#
?
Feb 13, 2015 19:47
|
|
|
daft punk railroad posted:you know it's because a bunch of people just have shell scripts all over the place with "mysql -u root -p hunter2" in them you can find plenty of those in github
|
|
#
?
Feb 13, 2015 19:49
|
|
|
my favorite github security fuckup i've personally found was some french website's repo that used a (non-scrubbed) hardcoded password for the admin panel and also made the password the default contents of the password entry field on the live version of the site (i'm not going to actually name the site but it seems to be suspended now. i can't imagine why) e: it was also SQL injection city but that probably goes without saying Meat Beat Agent fucked around with this message at 19:57 on Feb 13, 2015 |
|
#
?
Feb 13, 2015 19:51
|
|
|
quote:Hello Chris Knight yeah they put the asterisks lmao
|
|
#
?
Feb 13, 2015 19:58
|
|
|
Chris Knight posted:yeah they put the asterisks lmao maybe that's your password tho
|
|
#
?
Feb 13, 2015 20:00
|
|
|
There's some guy who uses youtube URLs for his passwords because he can bookmark them and if anyone ever finds them (like if he accidentally pastes one into a chat window) then people will just assume he just accidentally copy/pasted it.
|
|
#
?
Feb 13, 2015 21:29
|
|
|
minato posted:There's some guy who uses youtube URLs for his passwords because he can bookmark them and if anyone ever finds them (like if he accidentally pastes one into a chat window) then people will just assume he just accidentally copy/pasted it. that's pretty clever actually
|
|
#
?
Feb 13, 2015 21:31
|
|
|
|
| # ? Jun 7, 2024 04:49 |
|
|
brb adding all common youtube urls to my cracking dicts
|
|
#
?
Feb 13, 2015 21:34
|
|