Cryto! 18 June 2013

01:08:47 <scraepy> tip of the day, deny if cases
01:09:27 <scraepy> facts matter!
01:14:59 <ShadowDemon> loggy: hi
01:15:03 <ShadowDemon> .log
01:15:10 <ShadowDemon> poop
01:18:47 <scraepy> .bing wtfpl
01:18:48 <botpie91> scraepy:
01:23:27 <scraepy> .fixed
01:26:05 *** scraepy is now known as smoke
01:32:03 <waflel> .fixed
01:32:07 <waflel> .bing wtfpl
01:32:08 <botpie91> waflel:
01:32:11 <waflel> .bing
01:32:12 <botpie91> waflel:
01:32:17 <waflel> interesting
01:40:30 <smoke> .g waflel
01:40:31 <botpie91> smoke:
01:40:50 <smoke> uhh shh
01:41:33 <smoke> .srry lel
01:42:58 *** smoke is now known as screapy
01:46:28 <waflel> anyone know who ^ that is
01:49:33 <AnonO_o> not blue waffles.
01:55:29 <ShadowDemon> yo yo
06:38:50 <ShadowDemon> github updated their interface
06:38:54 <ShadowDemon> I really don't like it
06:41:39 <MK_FG> No one seem to like new interfaces, ever
07:14:50 <ShadowDemon> LOL
07:14:53 <ShadowDemon> true
07:15:07 <ShadowDemon> Seriously though, it just doesn't look pretty
07:15:24 <ShadowDemon> The last one seemed more intuitive imo
07:15:40 <lady-3jane> except it loads in 1/3 the time and focuses on the code and not all the stupid bullshit nobody cares about
10:57:47 <iceTwy> lady-3jane:
10:57:50 <iceTwy> IT WAS
10:57:52 <iceTwy> GEOGRAPHY
11:25:59 <joepie91> loggy, pointer?
11:25:59 <loggy>
11:26:24 <joepie91> ShadowDemon: I like the new GitHub interface.
11:26:29 <joepie91> or better than the old one, at least
11:30:28 iceTwy (iceTwy@iceTwy.users.cryto) has joined #crytocc
11:31:54 <crytocc-c> joepie91 you see cvps got hacked?
11:31:55 <crytocc-c> :P\
11:33:51 <joepie91> yes, yes I did
11:33:55 <crytocc-c> joepie91, lol.
11:34:04 <crytocc-c> Jack on LET is mad because I released a zero-day on admin login page
11:34:11 <crytocc-c> he thinks soluslabs can "sue me"
11:34:19 <crytocc-c> for what, helping them get better security? LOL
11:34:35 <joepie91> have you potsed them to full-disclosure?
11:49:08 <crytocc-c> I haven't yet.
11:49:12 <crytocc-c> I have to deal with flame
11:49:17 <crytocc-c> because "I got cvps hacked"
11:49:22 <crytocc-c> well, they may of been true, but I didn't hack it.
11:49:30 <crytocc-c> I simply leaked the vuln.
11:49:40 <crytocc-c> bbgbfjfbid( '' . 'php /usr/local/solusvm/includes/email_fork.php -d --email_username_=\'' . $username . '\' --email_lastname_=\'' . $sdata['lastname'] . '\' --email_firstname_=\'' . $sdata['firstname'] . '\' --email_from_=\'' . $sdata['emailaddress'] . '\' --email_company_=\'' . $ceinfo['company'] . '\' --email_address_=\'' . $ceinfo['emailaddress'] . '\' --emailid=\'admin_login_success\' --host=\'' . $lhostname
11:49:40 <crytocc-c> . '\' --ip=\'' . $uip . '\' >/dev/null &' );oh look, vulnerable again
11:49:40 <crytocc-c> exec('php /usr/local/solusvm/inclues/email_form.php -d[....]');
11:49:53 <crytocc-c> they didn't clean $username
11:50:02 <crytocc-c> that sits on admincp/login.php
11:51:53 <crytocc-c> simply break their exec(); and then inject your own code
11:52:03 <crytocc-c> and then bang, you've got their server.
12:19:15 <joepie91>
13:44:42 <iceTwy> crytocc-c: cc
13:44:50 <iceTwy> link to the vulns disclosure?
14:50:07 <zxcvbnm> o herro
14:50:42 <joepie91> o hai
14:50:55 * zxcvbnm just got back yesterday from Bonnaroo
14:51:01 <joepie91> _almost_ works
14:51:04 <joepie91> ah, was it fun? :)
14:51:14 <zxcvbnm> definitely was :)
14:51:16 <joepie91> also
14:51:25 <joepie91>
14:51:29 <joepie91> may be of interest to you
14:51:36 <zxcvbnm> me likey this so far
14:51:43 <joepie91> huh, you hadn't seen it before?
14:51:48 <joepie91> also, it's ded atm
14:51:51 <joepie91> still have to restore the DB
14:51:53 <zxcvbnm> it's possible I looked at that coursera last week
14:51:55 <zxcvbnm> ah, k.
14:52:00 <joepie91> it was hit by a data loss issue
14:52:04 * zxcvbnm stops the infinite wheel
14:52:06 <joepie91> and I hadn't gotten around to restoring the DB yet
14:52:11 <joepie91> will be doing that in a short while
14:52:16 <joepie91> (I have backups etc :P)
14:52:17 <zxcvbnm> oOo
14:53:09 <zxcvbnm> We do a lot of malware analysis here, I'll check this out. Every little tip and trick helps
15:07:35 <waflel> rape
15:07:36 <waflel> rape
15:07:38 <waflel> serious rape
15:07:40 <waflel> DUMBLEWHORE
15:08:34 <joepie91>
15:40:35 <joepie91> .whois
15:40:36 <botpie91> The domain does not seem to exist.
16:09:43 <joepie91> zxcvbnm:
16:09:46 <joepie91>
16:09:47 <joepie91> it works :D
16:11:24 <zxcvbnm> w00t
16:12:53 <zxcvbnm> joepie91 maybe you know; can you take a uReddit course after it is done/over ?
16:13:02 <joepie91> that depends on the course afaik
16:13:04 <zxcvbnm> I haven't seen any evidence of that being possible
16:13:06 <joepie91> uReddit is a bit messy
16:13:06 <joepie91> :P
16:13:06 <zxcvbnm> oh
16:13:07 <zxcvbnm> ya
16:13:09 <zxcvbnm> it is a bit messy
16:30:44 <crytocc-c> joepie91 I'm here for the next 35 seconds
16:54:18 <lady-3jane> giant dicks
17:13:48 lolpie91 ( has joined #crytocc
17:13:52 <joepie91> .reload
17:13:55 <joepie91> no?
17:13:57 <joepie91> aw.
17:13:59 <joepie91> .help reload
17:14:04 <joepie91> sadface.
17:14:14 * lady-3jane reports bugs
17:15:00 <lady-3jane> if you install https-everywhere and, they fight eachother for redirecting to https sites
17:15:08 <lady-3jane> it's hilarious, until it completely locks up chrome
17:17:57 <lady-3jane> also wtf
17:18:02 <lady-3jane> why do I have a static IP
17:18:20 <lady-3jane> lived here, on the fancy internet for 3 years. NOW they give me a static ip? the month before I move out? fuckers.
17:22:55 <joepie91> .addgh joepie91
17:22:56 <lolpie91> TypeError: string indices must be integers (file "/home/sven/projects/phenny/modules/", line 43, in parse_github_feed)
17:22:58 <joepie91> :(
17:23:56 <joepie91> .addgh joepie91
17:23:57 <lolpie91> TypeError: string indices must be integers (file "/home/sven/projects/phenny/modules/", line 44, in parse_github_feed)
17:24:20 <joepie91> .addgh joepie91
17:24:20 <lolpie91> User addgh is now being watched.
17:24:22 <lolpie91> TypeError: string indices must be integers (file "/home/sven/projects/phenny/modules/", line 44, in parse_github_feed)
17:24:23 <joepie91> ..
17:24:27 <joepie91> derp
17:24:44 <joepie91> .addgh joepie91
17:24:44 <lolpie91> User joepie91 is now being watched.
17:24:56 <joepie91> .startgh
17:24:56 <lolpie91> Now watching GitHub.
17:24:56 <botpie91> Already watching GitHub.
17:25:47 <joepie91> .addgh alexgurrola
17:25:49 <lolpie91> User alexgurrola is now being watched.
17:26:13 <joepie91> .startgh
17:26:14 <botpie91> Already watching GitHub.
17:26:14 <lolpie91> Now watching GitHub.
17:27:54 <joepie91> .startgh
17:27:55 <botpie91> Already watching GitHub.
17:27:56 <lolpie91> Now watching GitHub for users joepie91, alexgurrola.
17:28:02 <joepie91> :D!
17:29:10 <joepie91> .addgh
17:29:11 <lolpie91> joepie91: No user specified.
17:30:37 <joepie91> .startgh
17:30:38 <botpie91> Already watching GitHub.
17:30:39 <lolpie91> Now watching GitHub for users joepie91, alexgurrola.
17:30:42 <joepie91> ff
17:30:43 <joepie91> too late
17:30:51 <joepie91> .startgh
17:30:52 <botpie91> Already watching GitHub.
17:30:53 <lolpie91> Already watching GitHub.
17:30:57 <botpie91> 04joepie91 made 1 commit(s) to 03phenny on branch 10master: '02Allow watching multiple GitHub users in the GitHub watching module' (
17:31:51 <joepie91> .addgh joepie91
17:31:51 <botpie91> User joepie91 is now being watched.
17:31:54 <joepie91> .startgh
17:31:55 <botpie91> Now watching GitHub for users joepie91.
17:33:26 <botpie91> 04joepie91 made 1 commit(s) to 03phenny on branch 10master: '02Don't print feed entries to stdout' (
17:33:54 <botpie91> 04joepie91 made 1 commit(s) to 03phenny on branch 10master: '02Don't print feed entries to stdout' (
17:34:39 <joepie91> .startg
17:34:41 <joepie91> .startgh
17:34:42 <botpie91> Now watching GitHub for users joepie91.
17:35:18 iceTwy (iceTwy@iceTwy.users.cryto) has joined #crytocc
17:36:51 <joepie91> iceTwy
17:36:56 <joepie91> do you have a github?
17:37:00 <iceTwy> yes
17:37:01 <iceTwy> very much so
17:37:03 <iceTwy> iceTwsy
17:37:05 <iceTwy> iceTwy*
17:37:11 <joepie91> .addgh iceTwy
17:37:12 <botpie91> User iceTwy is now being watched.
17:37:15 <joepie91> :)
17:37:16 <lady-3jane> haha
17:37:23 <iceTwy> oo :D
17:37:26 <iceTwy> thanks
17:37:27 <lady-3jane> my gh is unused lel
17:37:34 <joepie91> YOU'RE BEING WATCHED!
17:37:35 <joepie91> lol
17:37:35 <iceTwy> I had an amazing afternoon!
17:37:38 <joepie91> oh?
17:37:42 <iceTwy> Yay
17:37:50 <iceTwy> I met an English guy from a gaming community
17:38:07 <iceTwy> Super cool guy, we went to the café (I HAD TO) and chilled in a park.
17:38:12 <iceTwy> walked a bit around, etc.
17:38:43 <iceTwy> saw a PM from him on our community forum, didn't expect it - but was extremely refreshing after a tense week
17:40:10 <joepie91> heh
17:40:26 <lady-3jane> :>
17:40:43 <lady-3jane> get yo'self a boyfriend, didja? :D
17:40:54 * lady-3jane stifles a laugh
17:42:08 <lady-3jane> hmm
17:42:19 <lady-3jane> I should see if I can get chrome canary on linux
17:42:49 <lady-3jane> opera next is pretty much chrome nightly without chrome shit
17:42:53 <lady-3jane> it's so scary fast
17:43:11 <lady-3jane> but it no linux
17:45:06 <lady-3jane> NP: [Lady GaGa - Teeth] [The Fame Monster] [1028kbps] DeaDBeeF 0.5.6-3jane
17:45:19 <lady-3jane> hmm
17:45:31 <lady-3jane> I am hoping I can move my site to our fancy server >_>
17:45:38 <lady-3jane> but then I'd stop loving my shit server
17:45:41 <lady-3jane> :|
17:45:55 <lady-3jane> but I want less latency and more uplink
17:45:55 <lady-3jane> :/
17:46:41 <joepie91> man
17:46:43 <joepie91> today is productive
17:47:07 <lady-3jane> yes
17:54:20 <iceTwy> lady-3jane: well that very guy has a preference for men
17:54:31 <iceTwy> not in a relationship, cute, English
17:54:35 <iceTwy> me be okay
17:54:41 <iceTwy> plus he knows I flirt with guys lol
17:56:33 <lady-3jane> :>
17:56:42 <lady-3jane> so it wouldn't be the worst situation to be in :D
17:57:24 <iceTwy> no, not at all
17:57:24 <iceTwy> :p
17:57:37 <iceTwy> I'm just saying; the best is to be bi!
17:58:05 <lady-3jane> twice the number of available mates, duh
17:58:47 <iceTwy> hehe
17:59:26 <iceTwy> but yeah, it was super cool and it cleared my mind from those finals!
17:59:43 <iceTwy> my second-to-last final is tomorrow
17:59:46 <iceTwy> le français !
18:03:53 <lady-3jane> :D
18:04:03 <lady-3jane> tu dois parler bien! :D
18:15:16 <iceTwy> well
18:15:18 <iceTwy> I'm French
18:15:18 <iceTwy> so
18:15:20 <iceTwy> obv :p
18:18:25 <iceTwy> I'll be following Cryptography I on Coursera
19:38:27 <crytocc-c> joepie91
19:52:49 <joepie91> ?
20:05:26 <lady-3jane> bad ass
20:05:36 * lady-3jane fixed up twitter widgets on site
20:05:53 <lady-3jane> made a list I've been meaning to create for ages...
20:13:37 <why_slap_option> hi joepie91
20:23:41 <joepie91> hai
20:26:38 <why_slap_option> i have plan
20:29:27 <joepie91> plan has you
20:29:28 <joepie91> :P
20:29:42 <why_slap_option> haha
20:33:18 <why_slap_option> joe whats the safest way i can talk to you
20:33:48 <why_slap_option> joepie91 ^
20:38:50 <EmptyRedData> XMPP with OTR I would guess. I'm no expert however
20:39:11 <joepie91> why_slap_option, add me on XMPP:
20:39:12 <joepie91> er
20:39:13 <joepie91> sorry
20:39:16 <joepie91>
20:39:20 <joepie91> be sure to have Pidgin with OTR
20:40:30 <joepie91> and yes, EmptyRedData, that'd be accurate :P
20:42:42 <EmptyRedData> Awesome :)
21:35:42 <why_slap_option> joepie91^
21:36:21 <zxcvbnm> zxcvbnm^
22:01:09 <iceTwy> gued night
22:02:54 <crytocc-c> Johnathan Snyder - a face to kill.
22:40:50 <crytocc-c> joepie91 is killing people online legal?
22:41:40 <joepie91> eh? :P
23:03:09 <joepie91>
23:03:16 <joepie91> finally wrote that better python docs example
23:30:29 <lady-3jane> joepie91:) :D
23:30:39 * lady-3jane writes... yet another article. fuck me.
23:31:23 <joepie91> lol
23:31:30 <lady-3jane> seriously
23:31:36 <lady-3jane> why the fuck do I have so much I want to write down
23:31:37 <lady-3jane> fuck
23:32:02 <lady-3jane> best article title: How I Learned to Stop Worrying and Love The Gridlock
23:32:10 * lady-3jane griiiiiiiins
23:33:16 <lady-3jane> <-- not finished
23:34:09 <lady-3jane> todo: rewrite a couple bits and link all the jargon nobody will know to relevant wikipedia pages
23:34:18 <joepie91> I don't like the font weight
23:34:39 <joepie91> has it changed recently?
23:34:57 <lady-3jane> wow, you still have absolutely horrible fonts
23:35:25 <lady-3jane> do you have msftcorefonts installed? or the liberation family, or so?
23:35:25 <joepie91> use webfonts? :|
23:35:30 <lady-3jane> no
23:35:43 <lady-3jane> I have fallbacks all the way back to '97
23:35:45 <joepie91> I probably don't
23:35:47 <joepie91> and lol
23:36:08 <crytocc-c> joepie91
23:36:12 <crytocc-c> wanna see something I'm working on?
23:36:21 <joepie91> depends how much time it takes to look
23:36:21 <joepie91> :p
23:36:28 <joepie91> depends on *
23:36:33 <joepie91> I'm working on the new cryto site atm
23:36:36 <crytocc-c> it takes a fdew seconds
23:36:37 <lady-3jane> It looks like you're using lucida serif and horribly fucking rendered
23:36:39 <joepie91> then, sure
23:37:02 <joepie91> lady-3jane,
23:37:13 <lady-3jane> yeah
23:37:21 <lady-3jane> dude, go fix your font rendering settings
23:37:27 <lady-3jane> there's a damn gui for it in gnome based shit
23:37:36 <lady-3jane> liberation serif is GORGEOUS
23:38:14 <lady-3jane> your shit is being rendered without any antialiasing
23:38:22 <lady-3jane> which is why it looks like ie6 on xp
23:38:50 <joepie91> lol
23:38:56 <lady-3jane> ubuntu doesn't come with it turned on either, I had to fix that shit myself
23:38:56 <joepie91> GNOME broke
23:38:58 <joepie91> on this machine
23:39:01 <joepie91> because fedora
23:39:06 <lady-3jane> I can't fucking imagine why good fonts wouldn't be a default
23:39:12 <joepie91> like, any kind of binary that starts with gnome- just segfaults
23:39:14 <joepie91> on run
23:39:17 <lady-3jane> since ubuntu font family is so damn gorgeous
23:39:22 <lady-3jane> haha fuck
23:39:23 <lady-3jane> lol
23:39:31 <joepie91> including gnome-control-center or whatever the fuck its called
23:39:33 <crytocc-c>
23:39:35 <crytocc-c> lol I died.
23:43:28 <lady-3jane> joepie91:) quick screenshot of this for me? with fonts if you can fit it in the same ss
23:43:46 <lady-3jane> that's what published shit looks like
23:44:44 <joepie91> can't run whatfont
23:44:46 <joepie91> because https
23:44:47 <joepie91> >.>
23:45:06 <joepie91>
23:47:12 <lady-3jane> lol
23:48:17 <lady-3jane> wat, why do you get orange asterisks
23:48:25 <lady-3jane> off-domain links?
23:54:56 <joepie91> oh
23:55:00 <joepie91> that's
23:55:00 <joepie91> heh
23:55:09 <joepie91> gives me a wikipedia preview
23:55:11 <joepie91> on mouseover
23:58:35 <lady-3jane> huh
23:58:54 <joepie91> ?
23:58:57 <lady-3jane> I wonder... someone made a tldr of my rant on font sizes... ran across it in search results
23:59:04 <joepie91> :D
23:59:05 <lady-3jane> I dunno if it was the same service though
23:59:09 <joepie91> probably
23:59:10 <joepie91> link?
23:59:13 <joepie91> to post
23:59:17 <joepie91> the original one
23:59:20 <lady-3jane>
23:59:34 <lady-3jane> I put the tldr there haha
23:59:41 <lady-3jane> and then the same text showed up elsewhere
23:59:45 <lady-3jane> made me lol
23:59:47 <joepie91> ah, no, no tl;dr available
23:59:51 <joepie91> via