tmsr - Search: " T"

112200+ entries in 0.46s

mircea_popescu: asciilifeform well, some ip apparently. i dunno, going through teh logs.

mircea_popescu: wget WILL time the netcard for you, the netcard has dma, that's the wholew story.

asciilifeform: nobody seems to know who or what ran the wget

mircea_popescu: (consider, the way linux works today, if i can run wget as a user i can take the box, the memory leaks.)

douchebag: When I geoip'd that IP adddress

mircea_popescu: asciilifeform the pic shows that he got "something" to load a file from his filehost. supports the theory that has rce, if he can run wget he can run plenty.

trinque put a rather beefy node in the pizarro rack at 161.0.121.250

mircea_popescu: douchebag dood is building the UCI before we even have it lmao.

a111: Logged on 2018-04-03 12:39 douchebag: the IP address begins with 174.108

mircea_popescu: http://btcbase.org/log/2018-04-03#1792259 << did this ever come to anything then ?! ☝︎

BingoBoingo: douchebag: The added value in running more nodes is generally spreading the network geographically, etc. There's little value in adding yet another nominal node to the same box or AWS freakshow

a111: Logged on 2018-04-03 12:51 mod6: meanwhile, we should probably replace that bot functionality asap. we need a way to get VWAP recorded in here daily.

mircea_popescu: douchebag generally it runs on actual dedicated machines, rather than vps.

douchebag: My machines are capable but if I'm going to be running a node, it would probably be best to have a dedicated VPS to do so

mimisbrunnr: Logged on 2018-04-03 14:25 douchebag: Hey, would you guys be able to show me up a pizarro shell for trb?

ben_vulpes: http://logs.bvulpes.com/trilema?d=2018-4-3#324705 << do you not have a machine capable of building trb?

a111: Logged on 2018-04-03 12:29 shinohai: Also, trinque is your www of wot not updating at this time?

mircea_popescu: http://btcbase.org/log/2018-04-03#1792250 << iirc they were compiled once a day. ☝︎

BingoBoingo: mircea_popescu: Maybe that's what it was.

mircea_popescu: (they, self-importantly, didn't want to give self up to #b-a, because of course http://trilema.com/and-in-todays-lulz-the-obnoxious-cocksucker )

a111: Logged on 2018-04-03 12:30 shinohai: http://logs.bvulpes.com/trilema?d=2018-4-3#324610 <<< I'm sorry, been working on my new book "How to set chmod permissions in under 1 minute so users can log into their shell, and other things isp ops should know!" .... but I'll look into that as time permits.

mircea_popescu: http://btcbase.org/log/2018-04-03#1792252 << lol wait, is he on the list of pizarro victims, with thewhet, minigame an' so on ? or what dramas am i missing here ? ☝︎

BingoBoingo: Roughly coincided with the GAW miners drama.

BingoBoingo: trinque: Remember the "Reddit Police" DDoS bot?

trinque: douchebag: consider that if you figure out which box responded to you, you at the very least can improve some Lord's bot for him, maybe lobbes' archivebot slurped it? At best, (if it was done in PM), you've got something else listening in, slurping things up.

asciilifeform: and yes BingoBoingo i did think of the item you mentioned, and already prepared it, it ought to satisfy

BingoBoingo: Buenas Tardes

asciilifeform: hey BingoBoingo , possibly i already asked this a while back and then lost -- but plox to gpg me a postage addr where you can get mail. i want to try experiment.

BingoBoingo: In other news, the nose is mostly under control. South American cold still has my energy rather zapped. The Incan nurse however did apologize last night. ☟︎

BingoBoingo: douchebag: On MPEx, there's proxy issues being sorted out. Sometimes the proxies run away and MP has to chain them back to his Ex

mimisbrunnr: Logged on 2018-04-03 15:01 asciilifeform: http://btcbase.org/log/2018-04-03#1792252 << there is still time to turn back from nubbinsing, shinohai

mimisbrunnr: Logged on 2018-04-03 15:20 shinohai: http://logs.bvulpes.com/trilema?d=2018-4-3#324728 << one could also behave a bit more becoming of a "Lord" and wait until official defrocking occurs before leading the negrate charge?

douchebag: last time I tried looking there were so broken links ☟︎

douchebag: I can have some ready tonight if you can link me to where qntra shares are traded

BingoBoingo: roughly convenience stores. The servicios tend to have better sandwiches

BingoBoingo: <mircea_popescu> so this upscale local market ("automercado") that stocks all the shit i buy and consequently got a multi-mn monthly account came up with the very dubious idea of running a promotion. one of those things where you get stickers with your receipt and then you fill a book ? in the terms of the master provisioneer, "they'll rue the day!". i think she's got like twenty of the things all lined up. << Here "automercados" are ☟︎

shinohai: I mean, i still can't play eulora because minigame.bz/ hasn't a server, but i certainly didn't negrate the lot of the #pizarro folks.

trinque: gpg me the full IP?

douchebag: I tried a number of different requests

douchebag: I have no clue - I woke up this morning and saw it in the logs

douchebag: Okay so what's the question?

trinque: yeah I followed that part the first time

douchebag: And I saw the file actually was requested with wget from an IP address I did not recognize

douchebag: trinque: I was just issuing commands to the bot

shinohai: ben_vulpes is also aware *why* checking if bot is in #trilema these days is kinda low on list of priorities, as i am in field and only read logs.

asciilifeform: shinohai: ben_vulpes made the reason for his neg quite unmysterious, imho

trinque: douchebag: I'm asking what the test was, which involved lolz.txt

mimisbrunnr: Logged on 2018-04-03 15:01 asciilifeform: http://btcbase.org/log/2018-04-03#1792252 << there is still time to turn back from nubbinsing, shinohai

shinohai: http://logs.bvulpes.com/trilema?d=2018-4-3#324728 << one could also behave a bit more becoming of a "Lord" and wait until official defrocking occurs before leading the negrate charge? ☟︎

trinque: auditor: "says here you talk like a fag, and your shit's all retarded"

douchebag: no clue, I just checked the logs and saw that lolz.txt was grabbed via wget ☟︎

trinque: what'd you do that got it to belch?

trinque: douchebag: that is not any of my IPs

asciilifeform: http://btcbase.org/log/2018-04-03#1792252 << there is still time to turn back from nubbinsing, shinohai ☝︎

asciilifeform: ( and typically very disappointing, usually quite uninspiring, stale '1000-days' )

asciilifeform: this is possibly foreign concept in 'web' world, but over here in the adult world people , for instance, read logs. every day. ☟︎

douchebag: Yeah I figured that was a possibility, I just figured I would mention that incase the code did get executed by anything unintentionally

asciilifeform: but i'll let him answer this one.

asciilifeform: tho the moar likely explanation is that trinque read the machine log, and, laughing, went to look at what was in yer intended payload url

douchebag: The code execution being wget the url provided in case of blind RCE

douchebag: asciilifeform: Basically last night I was sending commands in the bot that would lead to remote code execution

asciilifeform: http://btcbase.org/log/2018-04-03#1792258 << this pic is distinctly uninformative , i'd like to note ☝︎

a111: Logged on 2018-04-03 12:39 douchebag: the IP address begins with 174.108

douchebag: Hey, would you guys be able to show me up a pizarro shell for trb?

lobbes bbl; off to the saltmines

a111: Logged on 2018-04-03 08:00 ben_vulpes: anyone want to buy some electronics off amazon for me, get reimbursed in btc?

lobbes: how much fiat are we talkin'? If it is roughly under $500 I would be very interested >> http://btcbase.org/log/2018-04-03#1792246 ☝︎

lobbes: either way, I'll try and slap up a vanilla gribble on my pizarro shell later this night

a111: Logged on 2018-03-24 00:50 shinohai: I can tar the plugins up for you if you need 'em.

lobbes: I think shinohai was going to try and send me tars of jhvh1 sometime >> http://btcbase.org/log/2018-03-24#1789503 ☝︎

mod6: meanwhile, we should probably replace that bot functionality asap. we need a way to get VWAP recorded in here daily. ☟︎

mod6: shinohai, if you could bring that thing that'd be nice.

douchebag: If that's one of you, please contact me and I will help you resolve this issue

douchebag: I think I got remote code execution on someones box

shinohai: http://logs.bvulpes.com/trilema?d=2018-4-3#324610 <<< I'm sorry, been working on my new book "How to set chmod permissions in under 1 minute so users can log into their shell, and other things isp ops should know!" .... but I'll look into that as time permits. ☟︎☟︎

shinohai: Which brings me to:

shinohai: Also, trinque is your www of wot not updating at this time? ☟︎

mimisbrunnr: Logged on 2018-04-03 01:03 trinque: but, I would recommend a student go build his own by hand. doing so by reading my script would be fine, so long as you research every line to understand why that step was done.

shinohai: logs.bvulpes.com/trilema?d=2018-4-3#324450 <<< have used your script, and it's former incantaion from years ago - very useful things. My solution thus far is simply running a binhost locally, which is temporary as I try to tweak recipe for amd64.

ben_vulpes: anyone want to buy some electronics off amazon for me, get reimbursed in btc? ☟︎

deedbot: ben_vulpes updated rating of shinohai from 1 to -1 << ran off and took a rather useful tool with him

mircea_popescu: and in case anyone is missing the usagi era of bitcoin, it didn't end, it just moved on : http://behindmlm.com/companies/empower-network/david-wood-claims-he-can-heal-cancer-herpes-hiv-aids-diabetes/ ☟︎

mircea_popescu: "In March 2018, the blog had 7,556 page views and I made $27.09!!"

mimisbrunnr: Logged on 2018-04-02 16:54 mircea_popescu: we just discussed this ; s.nsa is at the most selling one of the two spares. ill run the numbers later an' give you an aye or nay.

ben_vulpes: http://logs.bvulpes.com/trilema?d=2018-4-2#324071 << how did these numbers come out?

mircea_popescu: and as it has to be said : you are not a man until you've played a browser game through curl, pipe and awk/sed.

mircea_popescu: sed + awk are the excel of posix.

mircea_popescu: and now consider something like cat *** | grep "data.maryland.gov" | awk '{print $19..$22}' | sort -u << "get me the fields 19th through 22nd, once only, and sorted alphabetically".

mircea_popescu: trinque i despise tools that make you escape. really, it's fucking dumb, let the metachar be settable so i can not need it.

mircea_popescu: lobbes here's a bonus : suppose you have a lengthy file (such as say a server log) and you want to extract just one column. you got awk : cat hurr.txt | awk '{print $3}' (and -F will set the delimiter if space's no good).

trinque suddenly regrets whatever space unescaping \/ is taking up in his skull.

lobbes: turns out the whole kibo site is only 40 mb or so, so I figured I'd try and mirror the whole thing (after browsing it last night, I realized that the meta aspects of the site are part of the fun)

mircea_popescu: yep. %%% is better than ///

lobbes currently hacking a script to convert all the absolute references in my downloaded kibo.com to relative

lobbes: finally sat down and learned some basic sed commands. I especially love the ability to chose an alternate delimiter; makes certain cases of escaping characters a breeze!

mircea_popescu: so this upscale local market ("automercado") that stocks all the shit i buy and consequently got a multi-mn monthly account came up with the very dubious idea of running a promotion. one of those things where you get stickers with your receipt and then you fill a book ? in the terms of the master provisioneer, "they'll rue the day!". i think she's got like twenty of the things all lined up.

douchebag: trinque: For my writeup, do you want exploits that can actively be exploited on trb or just exploits in the dependencies used?

mircea_popescu: https://preview.ibb.co/eODLsH/000561fd_fca2_e814_01a7_4981143cd1f1_958.jpg the typical gingerly first timer anal-izer.

trinque: lol nah I had one of those before, wrong jusrisdiction to straighten her out, as per the definitive trilema.