112100+ entries in 0.195s
mircea_popescu: lobbes you lopped off a digit from
the url ; it goes by #17924
mircea_popescu: lobbes
the only important consideration here is
that design is not a haphazard activity driven by occurence and circumstance.
that's implementation. design is a deductive activity, it proceeds from first principles and does not break faith.
☟︎ a111: Logged on 2018-04-03 16:57 BingoBoingo: In other news,
the nose is mostly under control. South American cold still has my energy rather zapped.
The Incan nurse however did apologize last night.
a111: Logged on 2013-05-06 02:54
tiberiusiv: miami is not like NYC lol
lobbes: To wrap back
to
this discussion, I
think I see your point.
There's no real reason
this craptop needs
to deal with
the user input at all. All I need it for is
to download, store and parse shit download from archive.is. >>
http://btcbase.org/log/2018-04-03#17924 ☝︎ a111: Logged on 2018-04-03 16:44 douchebag: last
time I
tried looking
there were so broken links
a111: Logged on 2018-04-03 16:36 BingoBoingo: <mircea_popescu> so
this upscale local market ("automercado")
that stocks all
the shit i buy and consequently got a multi-mn monthly account came up with
the very dubious idea of running a promotion. one of
those
things where you get stickers with your receipt and
then you fill a book ? in
the
terms of
the master provisioneer, "they'll rue
the day!". i
think she's got like
twenty of
the
things all lined up. << Here "automercados" are
a111: Logged on 2018-04-03 15:38
trinque: instead of whining about it, why not bring back said bot
mircea_popescu: douchebag alf lands in
the oriental republic sometime mid month ; you'll get your login
then, an' your first
task will be
to get
trb up on it ; and
the
tasks 2
throught 999 will be
to have fun.
mircea_popescu: this is neat. ok, chuck
the largest sd you can find in
there an' consider it sold.
douchebag: Well, I'm gonna grab a cigarette
to aid with
this excitement
mircea_popescu: yeah,
tell you what, i'll be as happy as you are once it's finally done.
mircea_popescu: asciilifeform i dunno he can arm... one
thing at a
time.
mircea_popescu: douchebag i'll get you a sever once
the pizarro folk unwrap
their heads enough
to actually have one on offer. so you can
tinker on gentoo,
trb etc and get out of
the "vps" bs hell.
☟︎ douchebag: I bet so many bots could be pwned with similar
techniques
lobbes: Anyways, archivetron's url snarf has been
temporarily disabled for obvious reasons. Will resume once I plug
these holes
tonight
douchebag: I appreciate
that, feel free
to reimburse it
though haha
mircea_popescu: lol. i was going
to buy you
the pro yearly package, actually. but since you already have it, no need :D
lobbes: Just know, I'm prolly
the easiest
target here :P
deedbot: mircea_popescu updated rating of douchebag from 1
to 2 << "your home machine's name is lobbes"
douchebag: Yeah no problem, it was pretty fun
to discover
lobbes: douchebag really
though,
this has been a wake up call
to get my shit
together.
Ty again
mircea_popescu: ben_vulpes i wasn't initially going
to say anything besides "nay" ; but hey, pizarro's a friend of ours, so : nsa would sell
the spare machine for cost, which is about .371. comes with
two fgs installed and free shipping.
☟︎ douchebag: I
think it's being passed into bash into a PhantomJS interpreter
mircea_popescu: lobbes well fine, but i was discussing
teh design as such.
there's no rule against "i have a crappy box for a server
that's not worth placing in a dc so it sits in garage", sure. nor is
there any rule against "i just simplified speech, called it homebox, it's not" -- but what you say is all i have
to go on,
that's all.
lobbes: mircea_popescu:
the logs, but it is an old craptop with an ssd dedicated
to public
toilet Only place I had
to store
the gbs of archive data.
douchebag: lobbes: If you want
to make a secure application, consider all user input as malicious
mircea_popescu: conceptually, if it's
talking
to you it's an infangwif ; if it's
talking
to
the outside it's an outsidewif. why are you fucking streetwalkers / sending
the wife
to walk
the streets ?
mircea_popescu: why is your home box doing work
that's not directed at you ?
lobbes: Oya. Hey,
this is
the peril of "learning as you go"
lobbes: Yeah really.
Thank you for uncovering
this (I am n00b, you will soon learn)
lobbes: I'll dig more into it
tonight once I'm in front of it all
douchebag: For you, I really do suggest fixing
that
lobbes: That is done
through a process where a python script reads from (ahhh now I
think I see where it may remotely execute) db and passes url via bash
to a phantomjs script which submits
to archive.is
douchebag: and how are you passing
these
to archive.is
lobbes: the bot operates from an external vps (not my home ip). Shoves urls into a db which my home box downloads and
then passes eaxh one
to archive.is.
douchebag: lobbes: How often does
the bot search ?
douchebag: Are any of
these
things being manually passed into bash commands
lobbes: Also not 100% positive if
that was my home ip, but charlotte nc is my residence. I'll confirm
that
tonight
douchebag: Can you send me links
to
the scripts ?
lobbes: Hmm interesting. Yeah
this was a few weeks ago iirc when I curiously grabbed one of yer payloads via wget
douchebag: on something
that looked like
that
lobbes: Actually, when was
this? I
think I may hace manually wgot
douchebag: Oh shit, and you never manually ran wget on
that IP
lobbes: douchebag aha I
think
that is my home ip. Plox do
test payload again
douchebag: Alright, give me a moment I just didn't want
to bother anyone with my payloads
BingoBoingo: Best case it's just
the FBI and
they are
too busy chasing imaginary Russians
to notice you walking away with
their server
douchebag: It it okay if I
test
this payload again right now
mircea_popescu:
http://btcbase.org/log/2018-04-03#1792298 << what do
these
two have
to do with each other anyway.
there should be a difference between doing wrong and not doing enough. not every burgher can be in
the
town council,
that dun mean he's bankrupt now or something, what
the hell.
☝︎ a111: Logged on 2018-04-03 15:24 douchebag: no clue, I just checked
the logs and saw
that lolz.txt was grabbed via wget
mircea_popescu: vulnerable home computers are pestilentially common ; did you get
to
the portion in
the logs where we logged into a shitton of servers administering solar panels ?
mircea_popescu: but very distantly read. it's a perl meatgrinder, i'm sure it misses most of
the meat.
a111: Logged on 2018-04-03 15:07 asciilifeform:
this is possibly foreign concept in 'web' world, but over here in
the adult world people , for instance, read logs. every day.
lobbes: Re: douchebag's recent wget payload: I can confirm
that it most likely wasn't my archivebot.
The bot doesn't download links directly, it stores list of urls found in chan and forwards
them
to
the archive.is submit form
mircea_popescu has noticed over
the years
that
the usage of screen is a sort of pons asinorum in computer usage. like
the oil rag cloth in a car distinguishes pisi
tourist from
the driver who actually maintains
the machinery ; or like condoms on
the nightstand distinguish
the woman from
the girl and so on.
lobbes is slowly assembling parts for his own home
trb node. Waiting on replacement cpu fan
to come in atm. Updates
to follow!
douchebag: It seemed
to be out of North Carolina if I remember correctly
douchebag: I did do a reverse search on
that IP address
though
douchebag: Actually, I exited out of
that - I'm able
to retrieve it but I need
to know
the proper request
to send. waiting on a response from
that right now
mircea_popescu: not entirely intractable
to discern whether human is involved or not.
mircea_popescu: this is a
theory we can easily verify. douchebag write f2c26beed4 on
the boxes'
tits or something. can you get it reliably ?