User Controls
Posts by SBTlauien
-
2016-11-21 at 8:35 PM UTC in I've forgot everything I've ever learned.You must have not used the language much. I still remember some BASIC from back in the 90's.
Next time, code a lot and you'll better retain it. -
2016-11-16 at 10:01 PM UTC in Let me vent about one of my two jobsOh my god I'm still working at this shit hole but I think the owner doesn't like me. So the chances of me getting fired goes up. I literally work as slow as possible and make mistakes.
Fucking employers. -
2016-11-15 at 5:09 AM UTC in So i was like: I am too elite for Mint.
Originally posted by Sophie (But not over 9000 of them like some other pentesting distros which is wholly unnecessary)
Someone might use them all. -
2016-11-15 at 5:05 AM UTC in Best security for my laptop
Originally posted by antinatalism Or even better, if your threat model includes the NSA
What type of folks would that be aside from terrorists? -
2016-11-15 at 5:03 AM UTC in Thinking about getting a new laptopMSI is what I was wanting. One for programming while out. Maybe some porn and legal PT. This is the one that I'm looking at buying.
https://www.amazon.com/MSI-GE72-Apache-Pro-003-i7-6700HQ/dp/B0150PK5UO
How does MSI compare to Gigabtye, as far as laptops go?
Price needs to be under $1500. Black color or similar. 17" or so. What do you suggest? -
2016-10-31 at 12:39 AM UTC in Come mess with my hidden service
Start proxychains with sudo, that should do the trick, and yeah sure, would you like me to post your link to a couple of forums i frequent?
This doesn't seem to work. I set my TOR browser up to use port 8181 as a proxy. I set ZAP to 8181. Both are on 127.0.0.1
Then I set ZAP to use an out going proxy on port 9050 and set the last line in the Proxychains config file to use port 9050.
My TOR browser stops working completely and won't work again at all. It says "this browser wirk work with TOR' but it is literally the TOR browser bundle. I have to unzip the original TOR browser download and redo it all.
I've followed sereral tutoruals but shit doesn't work. -
2016-10-28 at 12:25 AM UTC in Lanny
I was referring mote to the Tech section. That particular thread stands out. Tons of views.
I'm also wondering why you are trying to downplay all of this. I think I made some really good points. You're acting as if this is just the usual, but those of us who have frequented this community for years, know that this isn't typical. Not on this scale.
Even since the shutdown of Zoklet, it appears as if something is off. All I can think of is federal intervention. Taking over the forum(what's the need for javascript? I know at least one person has asked about this) and allowing illegal conversations and illegal vendors to spam(why would any admin that isn't FBI put themselves at risk like this?).
Things seem strange and I am constantly told(maybe by those who prefer to stay anonymous...) to ster clear.
Why is that javascript needed Lanny?
Of all the people, you should be able to quickly remove it, and I'm sure you know of the security risks. -
2016-10-24 at 5:08 AM UTC in LannyMaybe Lanny not saying anything, is his way of letting us know.
-
2016-10-24 at 3:43 AM UTC in Lanny
Have you been vanned yet?
No. I don't see why I would be, unless.....it was a rapist. :)If you are paranoid, you should run TOR everywhere from within an encrypted hidden volume VM. Then you never have to worry about these things ever again.
I'm not really. I mean, this community has criminals frequent it, and sure, I like to talk hypothetically about different types of crime, but I don't commit any. -
2016-10-24 at 3:26 AM UTC in Lanny
You are not important enough to homeland security.
The hacker was, and he posted here. Which means that Lanny is. And a warrant canary is worthless at this point.
I'm starting to wonder why each site shuts down...
Hunter - Just closed it.
Zok - apparently tired of it, but at least he let everyone know that he was subpenaed due to the coupon guy. He even posted a picture of the document.
Arnox - seemed like a pussy, but I still don't know why he shut his site down at the time. He has since reopened.
Idio - from what I remember it was a personal information leak. But Idio had kids and was married(I think) which likely made him/her not a good fit.
If Lanny did cooperate with the authorities(likely FBI or SS), I wouldn't hold it against him, but I would hold it against him for not letting us know. You're right that it's not his fault that some random hacker decided to announce his deeds on Lanny's site.
I just want to know, from Lanny, what happened, if anything... -
2016-10-24 at 12:47 AM UTC in LannyNot trying to point any fingers or accuse Lanny of anything, but someone brought something to my attention that I seemed to have missed before. I do plan on being a part of this community and website and the new web forum that Lanny is building, solely because I really have no reason not to, but I do have to ask you Lanny...
http://niggasin.space/forum/technoph...security-holes
A while back there was someone that went by the username "Mr. High", and this user made a thread(link is above, also this thread has over 1000 views which is not typical and shows the traffic it alone generated) about how he hacked a bunch of websites and we all thought he was some troll just bull shitting. However, like a week or two later, he started posting links to news articles that seemed to line up with exactly what he had said. I first thought it was all bull shit and that he faked the articles(like one of those try-hard trolls), but they were all legit. Below are a couple, but take close note of the second article and the fact that it directly links to this site(ran by Lanny) and clearly shows that this hacker was a part of this forum.
http://www.usnews.com/news/business/...a-in-northwest
https://www.databreaches.net/four-st...g-sites-hacked
Now lets break this down, because someone did that for me and I have to admit I am a bit convinced, although I really hope that Lanny, or anyone, can convince me that what I was convinced of, isn't true.
0. Homeland Security(that's MILITARY) and the FBI investigated/investigating this
1. This was four websites at once, four big websites containing serious personal information.
2. Both Homeland Security and the FBI, undoubtedly knew quickly that this hacker had been part of this forum.
3. I was told that alone would be enough to get a subpena/warrant for this website.
4. They almost certainly served a subpena/warrant for this websites.
5.....Everything just went on as normal, as if nothing happened. Just another day at the station
I just can't help to believe that Lanny was served with a subpena/warrant, and he decided for whatever reason(maybe because he's a college graduate and doesn't want to risk throwing away his career), to not say anything to the community.
Now I could be wrong, convinced by someone that's upset with Lanny, trying to sabotage Lanny's reputation and commitment to this community. So don't get upset Lanny and take this as an attack, and don't think that I'm personally trying to stir up shit, because I'm not.
I just want to hear from you, what happened with this incident?
Were you contacted? -
2016-10-23 at 6:36 AM UTC in Renting out a whizzinatorFake urine kits are only like $20. I see no need for a fake penis.
-
2016-10-23 at 5:40 AM UTC in Let me vent about one of my two jobs
Just start doing lots of meth and make them fire you and get government paid medical leave for mental illness from doing lots of meth and take a year off
I had considered quiting the retail job and then getting fired to collect unemployment, but I honestly would have to make it obvious that I'm trying to get fired. They are really leanent due to all of the problems they have. -
2016-10-23 at 3:11 AM UTC in Anyone want to help me write some less terrible forum software?Looks better than mine. Just make sure there aren't any errors please.
-
2016-10-23 at 2:51 AM UTC in Let me vent about one of my two jobsAlright, so how do I turn in a two weeks notice? I know it's easy, but I've only done it twice because I usually get fired to collect unemployment but I can't collect unemployment because I still have a retail job that I can go full-time at.
I was thinking that I'd walk up to my manager, on a Friday(so that my last day is on a Friday) and tell him that I'd like to talk with him. I'd start off by saying that I've been thinking a lot about the job and that I don't think it's a good fit for me. I'd then let him know that I've giving him my two weeks notice and hand him the below letter. I would then ask if he wants me to stay for those two weeks. If he tries to talk about what I don't like about the job, which I think he will(because it's going to be a bitch for them to keep anyone around...before me, everyone quit after like a month), I'm not going to actually tell him that I don't like the people I work with. I'll just say that I'm looking for something else and that I'm going to go full-time at my retail job(which I wont because I want to be part-time for more computer-time (: ).
Obviously I wont talk shit about anyone in my last two weeks.
Sally Brumice Theodore
1234 Abc ST
City, State, 123456
(123)456-7890
Sally@theodore.com
October 22, 2016
Shitty Shop Job
Supervisor?
678 Dirty ST
City, State, Zip Code
Dear Mr. Manager,
I am writing to announce my resignation from Shitty Shop Job, effective two weeks from this date.
This was not an easy decision to make. The past seven months have been very rewarding. I've enjoyed working for you and thank you for the opportunities for growth that you have provided me.
I wish you and the company all the best. If I can be of any help during the transition, please don't hesitate to ask.
Sincerely,
Your Signature (hard copy letter)
Sally Brumice Theodore
Any advice? -
2016-10-22 at 11:55 PM UTC in Let me vent about one of my two jobsUsually I don't bitch or whine about anything, in real life or on the internet, but this is a special circumstance. I have two jobs, one is part-time in retail, just three days a week, and I've worked there about a year and a half. The other job is in a metal shop, a small company, full-time, pays a couple dollars more an hour than my retail job, and I've been there about seven months.
The job I'd like to bitch about is the metal shop job. I started out knowing from the very beginning that it was only going to be a temporary job, but I of course told them that I would eventually quit my retail job(which I knew wasn't true). The problem with this job, is the people. I mean, it has no benefits(except a few paid holidays, no sick time, no vacation, no health/dental), but that's tolerable if the job is good. The people ruin it.
There is one guy, out of three others that is cool because he simply does his job and keeps to himself. He puts his headphones on and works away and can't hear all of the drama and crying. I would do this as well, except that the general manager decided I'd make a great supervisor. Why? I have no clue. I usually keep to myself, don't really care to much about the job except for my paycheck, and couldn't care less about others whining.
The other two guys are problematic. One is the stepson of the owner, a 17 year old high school dropout, who believes that child prostitution should be legal. He is always crying and bitching about everything including that I'm a shitty supervisor(which I agree) and never shuts the fuck up. He thinks he is good with math, but he's always making calculation mistakes.
The other guy has done this type of work his whole life and bitches everyday about how he is going to quit and how he's pissed at the owner(which he's known for a long time). He worked for the owner at the owners previous company(doing the same thing) and when the owner lost the company due to a divorce, the owner yanked a bunch of funds and didn't pay anyone. This guy is unstable. I have no idea what kind of mood he'll be in. He's happy one minute, and then he's pissed off throwing shit around and storming out of the place.
To make matters worse, the owner is definitely a shady person. He keeps on opening up new businesses, doing the same type of work, all to avoid legal problems. Apparently there is some loophole where business owners can avoid lawsuits by just shutting down their business. He opens up a new one afterwards though. There are shitload of bad(one star) reviews for all of the previous(and current) business he has opened.
Also, the owner has a brother that works there, who is a registered sex offender for raping a mentally retarded girl. This guy goes into customers houses and these people have no idea that they have a rapist inside their homes.
So I'm going to turn in my two weeks notice at this shit hole but was wondering if I'm just being a little bitch or if this is truly a shitty job. -
2016-10-22 at 7:14 AM UTC in Come mess with my hidden service
Start proxychains with sudo, that should do the trick, and yeah sure, would you like me to post your link to a couple of forums i frequent?
Yes, please, but please convince them to actually alert me of any errors rather than vandalize. And no DOS or spamming. I'll make a special section of the forum for all of you that want to test for errors. PM me on the site and I'll either tell you how to access it or I'll make a special link for your accounts to access the area.
-
2016-10-22 at 4:30 AM UTC in Come mess with my hidden service
I will hit you up on there in a bit. I wish i could use zaproxy to intercept the traffic though, that would make fuzzing easier. In general zaproxy sits between me and the website i am connecting to as a http proxie, it doesn't offer socks support however. And chaining it through tor does literally nothing at all, which is gay af, because zaproxy is awesome for the most part.
I just moved to using OWASP ZAP from Burp Suite. I haven't been able to get it to work with TOR though. I got proxychains and it seemed to already come configured, but then TOR wouldn't work for some reason.
Also, I added a captcha and issue a uuid as a token rather than passing around the users password. I'd like these tested. Do you know anyone else that would like to test my site. I'm actually considering putting up some servers with security hole(s) in them to allow people to hack, just to see if they can find the error. -
2016-10-20 at 9:11 PM UTC in So a roving band of internet bandits has been trying to recruit me.My advice in to not do the crime if you can't do the time. Also, I had always thought you were a white hat hacker. From the way yiu word it all, it seems to me as if you really don't want to commit crimes.
-
2016-10-18 at 6:30 AM UTC in Come mess with my hidden service
http://jlp4t5i2pvwdvkx3.onion:8080/?username=&password=submit=
Technically, you're just logging in when you do this. Anytime you send a parameter with a key of 'password' AND a parameter with a key of 'username', you'll be logged in and returned to the index page. Eventually I may make session tokens or cookies(depending on the security for clients).Also i am checking the submit parameter for SQLi vulns. What kind of backend are you running? I ran some heuristics that sais MySQL but i don't think that is correct. Also.
This I wont say yet(if I do).If i take this string
CONCAT_WS(CHAR(32,58,32),user(),database(),version())
And convert it to MSSQL CHAR() and url encode the payload and execute.
%20CHAR%2867%29%20%2b%20CHAR%2879%29%20%2b%20CHAR%2878%29%20%2b%20CHAR%2867%29%20%2b%20CHAR%2865%29%20%2b%20CHAR%2884%29%20%2b%20CHAR%2895%29%20%2b%20CHAR%2887%29%20%2b%20CHAR%2883%29%20%2b%20CHAR%2840%29%20%2b%20CHAR%2867%29%20%2b%20CHAR%2872%29%20%2b%20CHAR%2865%29%20%2b%20CHAR%2882%29%20%2b%20CHAR%2840%29%20%2b%20CHAR%2851%29%20%2b%20CHAR%2850%29%20%2b%20CHAR%2844%29%20%2b%20CHAR%2853%29%20%2b%20CHAR%2856%29%20%2b%20CHAR%2844%29%20%2b%20CHAR%2851%29%20%2b%20CHAR%2850%29%20%2b%20CHAR%2841%29%20%2b%20CHAR%2844%29%20%2b%20CHAR%28117%29%20%2b%20CHAR%28115%29%20%2b%20CHAR%28101%29%20%2b%20CHAR%28114%29%20%2b%20CHAR%2840%29%20%2b%20CHAR%2841%29%20%2b%20CHAR%2844%29%20%2b%20CHAR%28100%29%20%2b%20CHAR%2897%29%20%2b%20CHAR%28116%29%20%2b%20CHAR%2897%29%20%2b%20CHAR%2898%29%20%2b%20CHAR%2897%29%20%2b%20CHAR%28115%29%20%2b%20CHAR%28101%29%20%2b%20CHAR%2840%29%20%2b%20CHAR%2841%29%20%2b%20CHAR%2844%29%20%2b%20CHAR%28118%29%20%2b%20CHAR%28101%29%20%2b%20CHAR%28114%29%20%2b%20CHAR%28115%29%20%2b%20CHAR%28105%29%20%2b%20CHAR%28111%29%20%2b%20CHAR%28110%29%20%2b%20CHAR%2840%29%20%2b%20CHAR%2841%29%20%2b%20CHAR%2841%29
The chatbox returns `1` for some reason.
This I am not about and I couldn't replicate it. Could you do again sometime when we are both only at the same time?It's also good to log all error messages like that, also i will continue testing for a while if it pleases you.
Yes please do. You can also PM me on that site your progress. I'd like to give you more inside information over time to help you possibly find vulnerabilities. Thank you.
