log☇︎
114100+ entries in 0.073s
trinque: anyone that wants to pwn deedbot might consider that it's a wrapper around gpg.
douchebag: I think you're projecting
a111: Logged on 2018-03-23 04:17 douchebag: you guys would just be like "Oh well you told us about the RCE and we fixed it before you could do anything with it"
mircea_popescu: http://btcbase.org/log/2018-03-23#1789035 << in trb you mean ? not likely. ☝︎
ben_vulpes: so is the kink shaming!
a111: Logged on 2018-03-23 04:14 douchebag: Okay, why do you guys liek arguing so much? Is this why you guys don't get anything done?
ben_vulpes: amazingly, rtfm only shows up in logs 41 times
mircea_popescu: im starting to understand that "the opposite of talking is not listening, the opposite of talking is waiting for your turn" quip may have been adequate in the early postmodern stage ; but by now it's truly a case of "work efficiency is most work with least read." chucka wins in the end.
ben_vulpes: oh yeah im supposed to be upset at the bigotry
trinque: hey, he called us fags. can't be that pantsuited.
ben_vulpes: or read the fucking help page omfg
mircea_popescu: douchebag it will reject unsigned material, look at what deeds it accepted in the past.
trinque: douchebag: so why would the deed command parse xml, let alone go look up a dtd?
a111: Logged on 2018-03-23 04:13 ben_vulpes: douchebag: what is the concept again that you have proven? i am still waiting for the explanation of what precisely this social engineering attack does.
mircea_popescu: http://btcbase.org/log/2018-03-23#1789025 << incidentally this is very tragically broken. what next, you're going to hold me to show mechanism of action of all poisons too ? ☝︎
ben_vulpes: i'll take a clue if you have one handy
mircea_popescu: look into the datastruct, there's black magick reasons.
ben_vulpes: oh for the motherloving fuck hole of sin trb won't sendmany with two outputs to the same address
mircea_popescu: no, i don't swing that way. the girls occasionally swoop in, but not commonly.
douchebag: You're into BDSM and having slaves and such right? Is that what the dudes you got in here are fof?
asciilifeform: bbut does it still privilege the speed of light!1!
a111: Logged on 2018-03-23 04:12 douchebag: asciilifeform: I'm not here to argue or to social engineer you. I provided a VALID proof of concept. Stop bitching about it and fix it.
mircea_popescu: http://btcbase.org/log/2018-03-23#1789020 << different paradigm, yo. it may be valid over there, but it's not valid over here. because reasons. ☝︎
douchebag: It will take as much time as it takes me
ben_vulpes: douchebag: how long do you figure this'll take?
trinque: (lets see if he can find the food pellets himself!)
douchebag: Alright, I don't need the source code to pwn your shit
ben_vulpes: if trinque likes you
douchebag: In that case, I'll get right to work
ben_vulpes: unlike the rest of the world i hold myself to the standard i hold it to
douchebag: So if I can pop any of your boxes and steal bitcoin - that's fair game?
douchebag: I read that, but I didn't think you were referring to yourselves
mimisbrunnr: Logged on 2018-03-22 19:33 ben_vulpes: oh and twist, douchebag skip the responsible disclosure fingertrap and fuck 'em hard.
a111: Logged on 2017-08-31 19:11 mircea_popescu: can't say i've encountered that many ; and can say that from actual lived experience, the "thinks he's jeddi" heuristic is a fine indicator for "head so far up ass the net result of sufficient whipping will be soap", ie http://trilema.com/2015/the-anal-child/
asciilifeform: ben_vulpes: there's quite likely enuff coin just in trb hotwallets, to buy a flotilla. and if you can get to it, it's as yours as your own nose, nobody could do a thing about it. so wtf are you doing fucking with php.
douchebag: you guys would just be like "Oh well you told us about the RCE and we fixed it before you could do anything with it" ☟︎
ben_vulpes: what, we'd argue with your sending btc to yourself?
douchebag: I have the feeling that even if I got remote code execution
trinque: dispense the food pellet already ben_vulpes. dude said smartwords.
douchebag: Okay, why do you guys liek arguing so much? Is this why you guys don't get anything done? ☟︎☟︎☟︎☟︎
asciilifeform: to the victor -- the spoils. take'em privkeys.
asciilifeform: for that matter, why does douchebag settle for small change of www ? a remote ex for trb or even prb will easily bring in enuff loot to buy a battleship. without having to convince anybody, i'll note, of anything.
ben_vulpes: i'm clearly just an amateur, but an advanced security consultant like yourself should have no troubles explaining it to a civvy
ben_vulpes: douchebag: what is the concept again that you have proven? i am still waiting for the explanation of what precisely this social engineering attack does. ☟︎
trinque: douchebag: the web as it is ought to burn; the notion that there are any professionals tending the shit adobe is hysterical.
douchebag: asciilifeform: I'm not here to argue or to social engineer you. I provided a VALID proof of concept. Stop bitching about it and fix it. ☟︎
asciilifeform: douchebag: go ahead and 'socially engineer' people who actually verify the pgp sigs on errything they touch. i'll interestedly watch.
douchebag: Listen, I understand that you're all upset that I made you look like an idiot for not sanitizing all user input. These are habits that are picked up after you learn about programming a secure web application.
ben_vulpes: or do i not understand how fake content works, because actually i'm certain that i don't understand what this gpg-signed fake content is.
ben_vulpes: consumers know not to trust websites without the magic green thingy
ben_vulpes: douchebag: but it doesn't have the ssl lock
ben_vulpes: funny how the twenty year old is fixated on growing up
douchebag: I'm not here to argue with you children about whether or not you would have fallen for the attack. I provided a valid proof of concept like any professional would do.
ben_vulpes: i'm going to need three rail cars of sugar and a fuckton of smallish pvc tubes
ben_vulpes: is this like fake news?
douchebag: Regardless of whether or not the javascript could do anything, it still allows HTML injection which can be used to publish fake content.
trinque: douchebag: this is not where you parade your idiocy dubbed personality and aspirations and have them validated
douchebag: Grow the fuck up
douchebag: How am I supposed to know the site was static?
douchebag: What the fuck is your guys deal?
ben_vulpes: but trinque what if someone visits a deedbot page and their browser executes it!?!?!
douchebag: Okay, I would be most useful if I could view the source of deedbot
trinque: they're going to what, steal your session on a static site?
trinque: I don't much give a fuck if someone puts a script tag in a deed.
trinque: something other than the xss snore.
ben_vulpes: i don't much give a shit, take some initiative and do something?
douchebag: Okay, do you want me to do a white box or black box audit?
ben_vulpes: many of these work in pm douchebag
deedbot: douchebag subscription to http://m9w6ub3sm0qzpk1x83zg2hkh78dz1o.burpcollaborator.net/lol.xml failed
douchebag: Okay so question about these bots
ben_vulpes: douchebag: don't tell me you lost your key
trinque: if he could discover where the wallet actually lives, I'd be mighty impressed.
ben_vulpes: mighta been asking an infantryman to fly a helicopter, who knows
trinque: I seem to recall this kid being told to do things, came back with his snowflake personality and american dream.
ben_vulpes: guten tag, trinque !
ben_vulpes: oh and other obvious pentesting targets douchebag: qrrqobg jnyyrg (rot13)
a111: Logged on 2018-01-26 19:46 douchebag: Well, I'm just trying to figure out where my skillset could be best put to use, I would be more than capable of writing a V implementation or setting up an IRC bot. I'm trying to leave it to you guys to tell me where my skillset could best be put to use
ben_vulpes: credit where credit is due, douchebag went from http://btcbase.org/log/2018-01-26#1777226 to http://btcbase.org/log/2018-03-22#1788527 (albeit a stealth admission of personal shortcomings) but contextual lulz of the week go to http://btcbase.org/log/2018-03-22#1788529 ☝︎☝︎☝︎
asciilifeform: http://babble-rnn.consected.com/docs/current-audio.html << for the impatient.
deedbot: http://qntra.net/2018/03/rising-african-political-star-criticises-poor-australia-no-black-people-to-exploit/ << Qntra - Rising African Political Star Criticises "Poor" Australia: "No Black People To Exploit"
mod6: douchebag: Let's raise the sig/noise ratio. Try to heed your betters in here. And do take some time to read the logs, they're enriching.
BingoBoingo: What is a Qntra submission if not the most responsible possible disclosure
ben_vulpes: oh and twist, douchebag skip the responsible disclosure fingertrap and fuck 'em hard.
BingoBoingo: mod6: Had to give the fellow a lead. Perhaps dude finds a vulnerability in Fedwire and resets the UnifiedStandardDosiedo chain? Submits article. For the young and broken that might be more productive homework than "write a V to understand why you are writing a V"
asciilifeform: ben_vulpes: in my experience 20yo who already took home xxx,xxx $ 'for' doing The Wrong Thing , is incurable. but it was worth a try. ☟︎
BingoBoingo: douchebag: Find a hole, have your fun and profit. Leave a note about the aftermath for Qntra.
mod6: We need to get to work, this is getting in the way. 0 signal, max noise.
ben_vulpes: lobbes: you should see the girls; i swear the only ones who aren't wholly corrupted by the anxiety machine are the 1st-generation ethnic imports who take care of my kid
mod6: BingoBoingo: re !!down that man. I don't have time to read through all this nonsense to pick out 3 important lines to pizarro.
BingoBoingo: lobbes: It's a hazard of pantsuit education. Fellow can get loaded up with training as a technician while being sideloaded with broken priors
lobbes: Right? Sucks, because he has more knowledge at 20 than I do now at 30. Sadly, also moar cockroaches
BingoBoingo: !!up douchebag Have you considered getting hard, poking around the internet for warm receptive holes, and submitting writeups to Qntra?
ben_vulpes: im kinda surprised to see the indoctrination so thick in a twenty year old
a111: Logged on 2018-03-22 19:15 douchebag: asciilifeform: You're not even worth responding to at this point, I think you're the one who wouldn't know 'if it bit you'
lobbes: http://btcbase.org/log/2018-03-22#1788893 << you know this wasn't personal right? (Pantsuitism trains emotional response to criticism, I know). He's trying to lead you to realise an important point for yourself  (this is a true beauty of this place, incidentally; can meaningfully confront the Self, if you are willing) ☝︎
mircea_popescu: mod6 im just going to bed o.O
mod6: How many man hours are being wasted on this?
mircea_popescu: (sub-subplot : calculate the probability of that statement being true ; show the math you used.)
mircea_popescu: douchebag so you covered say 80% of google's code and 70% of yahoos, and on this basis the 8`844`644 holes you found with yahoo makes you suspect the mere 2`333`156 holes found in google's schweitzer reflect a lesser per-cubit average of holes ?
douchebag: Because I've worked on pentesting both of them