Hey so i've been playing around with polycodes 3D section and this is what i've come up with...
[media]http://www.youtube.com/watch?v=OJoDNEQK-sw[/media]
I've been getting a really strange critical error when i try to build in release mode, here is the source and if anyone can help me that'd be awesome...
[url]http://dl.dropbox.com/u/15805077/perma/testcraft.zip[/url]
[QUOTE=ROBO_DONUT;33491988]While we're on this topic, anyone else think the way Win7+UAC handles the "Program Files" folder is retarded?
It keeps multiple copies of the files, allows users to modify their own copy which masks the system copy, then executes programs using the system copy, giving the user [i]absolutely no indication[/i] which one they're looking at or even that two separate copies of the same file exist. Which one you get depends entirely on the context from which you access it.
I spent literally twelve hours trying to figure out WTF was going on. I was ready to bring in an exorcist.
It's another convoluted, idiotic idea, just as I've come to expect from Microsoft. Not sure how one company can employ so many 'brilliant' programmers and make such brainless design choices.
They should've gone the UNIX way and just disallowed write access to regular users. At least that would make some sense. You keep exactly one copy of the file, and you see exactly one copy of the file. Instead of having to ask yourself 'is this the real file I'm looking at, or is my OS trying to deceive me again?'[/QUOTE]
It's the same thing with how %windir%/system32 is handled on 64-bit systems. When a 32-bit application runs, %windir%/WoW64 is mounted as system32 and is the 32-bit DLL subsystem, but when a 64-bit application is running, system32 is mounted as system32 and is the 64-bit (!) DLL sub-system. And it's completely transparent. And whatever you try to do to access 32-bit system files from a 64-bit app or vice versa, it's almost unfeasible. Just have a system64 directory, gods fucking dangit. Even Linux can do it properly! (/usr/lib and /usr/lib64, albeit most distros ship 64-bit libraries in /usr/lib and 32-bit libraries in /usr/lib32, which makes sense considering that many purists find erotic pleasure in having a native-binary-only OS)
Not to mention the atrocity of having omnipresent DOS device files (just try and create a file named 'con.*', I dare you, I double-dare you motherfucker). This hit me in the balls once when I was porting a POSIX app to Windows and had a file named con.h or .cpp or whatever.
[QUOTE=Dotmister;33495602]Really guys? Can we not go half a page without arguing over stupid shit?[/QUOTE]
Yeah.
But that wouldn't fill their quota for the week.
[QUOTE=benjojo;33494872]Ok, Really now. I've found HTTP Power plants, Thermostats. NOW MRI MACHINES IN INDIA:
[img]http://i.imgur.com/d7x4f.png[/img][/QUOTE]
With just scanning random ips my find rate is about 1-2%. So for every 100 ips scanned I find 1-2 http servers. I am thinking of turning this into an actual program as right now its just a dumper. Also going to try improving the scanning tonight so it scans ranges it has found ips in instead of just trying random ones.
I am finding a fuck ton of printers though. Most of which allow you to print without any elevated access and most of them have default admin password. Funny enough most that allow you to print and have the default admin password are from universities.
[img]http://goo.gl/p4SYh[/img]
[img]http://goo.gl/8OYZe[/img]
[QUOTE=high;33496478]With just scanning random ips my find rate is about 1-2%. So for every 100 ips scanned I find 1-2 http servers. I am thinking of turning this into an actual program as right now its just a dumper. Also going to try improving the scanning tonight so it scans ranges it has found ips in instead of just trying random ones.
I am finding a fuck ton of printers though. Most of which allow you to print without any elevated access and most of them have default admin password. Funny enough most that allow you to print and have the default admin password are from universities.
[img]http://goo.gl/p4SYh[/img]
[img]http://goo.gl/8OYZe[/img][/QUOTE]
Fuck yeah. I've got to try that.
Wait, can you send print commands without being on their network? That would freak some librarian out.
[QUOTE=q3k;33496191]Not to mention the atrocity of having omnipresent DOS device files (just try and create a file named 'con.*', I dare you, I double-dare you motherfucker). This hit me in the balls once when I was porting a POSIX app to Windows and had a file named con.h or .cpp or whatever.[/QUOTE]
[IMG]http://i.imgur.com/TEdvc.png[/IMG]
I managed to do it, but explorer crashed right afterwards. Why?
[QUOTE=supersnail11;33496498]Fuck yeah. I've got to try that.
Wait, can you send print commands without being on their network? That would freak some librarian out.[/QUOTE]
Ya, you can add printers to windows from ips. All you need to know is the model of the printer.
Edit:
Informed the university via printing a page with some [url=http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say]information about printers being vulnerable[/url]. (Tracking the printed link, will let you know if someone visits it)
[img]http://goo.gl/fVJ7Y[/img]
[img]http://goo.gl/DrNtf[/img]
Decided to make a YouTube video showing what I've been working on for the past 4 days, and talking about what I've done for 5 months when I didn't post anything.
[media]http://www.youtube.com/watch?v=BqHX1lp58io[/media]
[QUOTE=amcfaggot;33496508][IMG]http://i.imgur.com/TEdvc.png[/IMG]
I managed to do it, but explorer crashed right afterwards. Why?[/QUOTE]
Black magic. I don't know how you managed to create that file (I think you actually can with the OpenFile WinAPI call, haven't checked [b]EDIT[/b] apparently you can use the . filesystem path, \\.\c:\test\con.txt, to do it, too), and even more, I don't know why Explorer crashed on you. Maybe it tried to access some additional info about the file (timestamps?) which failed and there wasn't any protection against it. You should probably see whether it's not a viable exploit vector. :v:
In case somebody doesn't know about this: long story short, old DOS versions, without hierarchical filesystems, used device files to enable modem and printer access to programs (they were called \con, etc.). Then DOS with hierarchical filesystems arrived, and to maintain compability with older software (which was written in a way that it always expected these files in the current directory), these device files were made to automagically appear everywhere in the filesystem. And then newer DOS versions happened, and then Windows happened, and it stayed that way.
Gods bless backwards compability.
[QUOTE=amcfaggot;33496508][IMG]http://i.imgur.com/TEdvc.png[/IMG]
I managed to do it, but explorer crashed right afterwards. Why?[/QUOTE]
[url]http://www.astahost.com/info/tiomcm-create-file-named.html[/url]
[quote]
Hey, CON is for keyboard input. It's a special file, used as input stream by keyboard.
[/quote]
I guess that explains not being able to do anything until explorer relaunched.
We love all of your videos Austech! Kepp it up.
[QUOTE=ROBO_DONUT;33493036]Except they don't disallow write access. I can modify a file from Program Files in Notepad, save, close, and load it back up, and it'll show all the modifications I made. That's far worse. It's beyond silent failure.[/QUOTE]
You can even in some cases delete files (sometimes this happens on files in use) and they'll disappear in explorer, but still exist for some programs
The amount of headache caused by that is beyond me
[QUOTE=high;33496526]Ya, you can add printers to windows from ips. All you need to know is the model of the printer.
Edit:
Informed the university via printing a page with some [url=http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say]information about printers being vulnerable[/url]. (Tracking the printed link, will let you know if someone visits it)
[img]http://goo.gl/fVJ7Y[/img]
[img]http://goo.gl/DrNtf[/img][/QUOTE]
Thanks for the first 6 digits, I found one of their cameras. Unblocked, of course.
[url]http://128.173.44.107/view/viewer_index.shtml?id=3994[/url]
[editline]29th November 2011[/editline]
:v:
[QUOTE=Titz;33497145]Thanks for the first 6 digits, I found one of their cameras. Unblocked, of course.
[url]http://128.173.44.107/view/viewer_index.shtml?id=3994[/url]
[editline]29th November 2011[/editline]
:v:[/QUOTE]
They have quite a few printers on their network open worldwide.
[url]http://128.173.44.104/ews/index.htm[/url]
[QUOTE=Dotmister;33497219]They have quite a few printers on their network open worldwide.
[url]http://128.173.44.104/ews/index.htm[/url][/QUOTE]
Both say Torgerson 1140. Does that mean we can see it printing on the live cam?
[QUOTE=Dotmister;33497219]They have quite a few printers on their network open worldwide.
[url]http://128.173.44.104/ews/index.htm[/url][/QUOTE]
I just sent that printer hardcore gay dergon porn. rrerr
Come on guys posting the IP is just mean.
Meanwhile that IP crawler thingy of mine too has found an imperial fuckton of HP Smart Jet printers...
[QUOTE=Titz;33497145]Thanks for the first 6 digits, I found one of their cameras. Unblocked, of course.
[url]http://128.173.44.107/view/viewer_index.shtml?id=3994[/url]
[editline]29th November 2011[/editline]
:v:[/QUOTE]
That's why I want to improve my scanner. So it can find everything on a network :D.
[QUOTE=high;33496526]Informed the university via printing a page with some [url=http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say]information about printers being vulnerable[/url]. (Tracking the printed link, will let you know if someone visits it)[/QUOTE]
[quote=msnbc]But the Columbia researchers say standard print commands sent both from a Macintosh computer and a PC running Linux tricked an HP printer into reprogramming itself. Moore later conceded that might be true; but the two sides disagreed on whether users in a Microsoft Windows environment were safe from the attack.[/quote]
I like how [b]MS[/b]NBC misleads readers into believing that Windows is somehow invulnerable (because the tools the attacker used only run on Lunix!) by feigning ignorance.
I hope their students can speak French, because now their printer menu won't be displaying in English. :v:
What Are You Working On: DoSing some random university's printers.
[url]http://128.173.89.246/[/url]
What
[editline]aaa[/editline]
[url]http://128.173.97.169/[/url]
They have a public repo. I guess its for students?
[QUOTE=artanis;33495855]Don't use move on return values, you may prevent the compiler from doing RVO and even if it can't it will move from the object on its own.
[url]http://pizer.wordpress.com/2009/04/13/c0x-do-people-understand-rvalue-references/[/url][/QUOTE]
Ahh. The more you know. :v:
I know that some universities mirror distros to assist developers.
[url]http://goo.gl/CUxov[/url]
And there are a million cameras we shouldn't see from around the world. What the fuck people
IP scanning sounds like fun. Sounds somewhat difficult, aswell.
I enjoy this :v:
Come play with a oil well camera with me.
[url]http://64.203.126.178/view/viewer_index.shtml[/url]
[QUOTE=Map in a box;33497634]Sounds somewhat difficult, aswell.[/QUOTE]
It's really not, at all.
It's about on the same level as '[url=http://en.wikipedia.org/wiki/Google_hacking]google hacking[/url]'
What timeout do you guys use? :v:
[editline]29th November 2011[/editline]
My router seems to dislike it
Sorry, you need to Log In to post a reply to this thread.
