Ask us about the forums: READ THE OP or get BANNED.
1,057 replies, posted
[QUOTE=aurum481;34483743]What are you golds discussing about there?
[img] http://filesmelt.com/dl/golds.png[/img]
[sp]User was banned for this post: Leaking GMF thread titles[/sp] :v:[/QUOTE]
Nothing
[QUOTE=TerabyteS_;34483748]Couldn't you just have added php-fpm to rc.conf?[/QUOTE]
Well now I know...
Is gold Member Perma or A Monthly thing
permanent
[QUOTE=Liem;34484139]Is gold Member Perma or A Monthly thing[/QUOTE]
It's perma
gold members are bad people
blue members are where it's at
[QUOTE=Kaze;34485448]gold members are bad people
blue members are where it's at[/QUOTE]
you will be one of us eventually
Getting security token errors in GMF when trying to post
Recently changed my password because of that jessecar's script
[QUOTE=Generic Jesse;34483482]It wasn't written down. The person that runs my server installed nginx on it to make it faster, but ever since then I had to start php manually when the server was restarted. (When PHP is not running you can see all the site's code and [b]password[/b] in plain text) So someone could have seen it during one of those times.
All the passwords have been changed now to more secure ones.
[editline]31st January 2012[/editline]
No[/QUOTE]
uh
why
Jesse, if you're going to do more coding in future, may I suggest you take your code and source into a private beta in the Programming\Web Development forums so they can review your code for security first?
[QUOTE=mechanarchy;34485643]Jesse, if you're going to do more coding in future, may I suggest you take your code and source into a private beta in the Programming\Web Development forums so they can review your code for security first?[/QUOTE]
I actually wrote tf2rep, which is the thing that he hosts; the problem was that apache would be the one that started on reboot, not nginx- and nginx is configured for it, not apache.
i'm actually a little fuzzy on the details, as well.
[editline]31st January 2012[/editline]
the fpalt finder he wrote, though
[QUOTE=mechanarchy;34485643]Jesse, if you're going to do more coding in future, may I suggest you take your code and source into a private beta in the Programming\Web Development forums so they can review your code for security first?[/QUOTE]
This. We're [i]generally[/i] a friendly bunch in prog and webdev and we'd be happy to help out with anything.
[QUOTE=Generic Jesse;34483482]It wasn't written down. The person that runs my server installed nginx on it to make it faster, but ever since then I had to start php manually when the server was restarted. (When PHP is not running you can see all the site's code and password in plain text) So someone could have seen it during one of those times.
All the passwords have been changed now to more secure ones.
[editline]31st January 2012[/editline]
No[/QUOTE]
a properly configured nginx/php-fpm(or fcgi) stack won't just blindly server php files when the php script is down, that would be something that a misconfigured apache instance would do. please learn what you are talking about before speaking.
[QUOTE=douche beat;34485890]a properly configured nginx/php-fpm(or fcgi) stack won't just blindly server php files when the php script is down, that would be something that a misconfigured apache instance would do. please learn what you are talking about before speaking.[/QUOTE]
nginx/php-fpm [b]did not[/b] serve unparsed php files (I did the configuration myself)
an unproperly configured apache [b]did[/b] serve unparsed php files
from what i can tell
[QUOTE=Ac!dL3ak;34485785]the problem was that apache would be the one that started on reboot, not nginx[/QUOTE]
so why wouldn't you fix that? I'm assuming you're running a VPS so you should have complete access to this kind of shit. if it was that much of a problem (and a server just blindly pushing the source of your code out [b]is[/b]) then it should have been rectified. fiddle around with the scripts in /etc/init.d or /etc/rc.d
There are plenty of people in the Linux section far more knowledgable about this than I am, and I'm sure any one of them would be happy to help.
[editline]1st February 2012[/editline]
[QUOTE=Ac!dL3ak;34485785]I actually wrote tf2rep, which is the thing that he hosts; the problem was that apache would be the one that started on reboot, not nginx- and nginx is configured for it, not apache.
i'm actually a little fuzzy on the details, as well.
[editline]31st January 2012[/editline]
the fpalt finder he wrote, though[/QUOTE]
There's still obviously security problems with his code though if [url=http://www.facepunch.com/threads/1152037?p=34481155&viewfull=1#post34481155]things like this happen[/url]:
[code]
Notice: Undefined index: security in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: array in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: user in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: hash in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: user in /var/www/html/net/fp/fpalts.php on line 28
You're using an older version of the FP Alt Finder,
Download the newest Version[/code]
[QUOTE=mechanarchy;34486118]so why wouldn't you fix that? I'm assuming you're running a VPS so you should have complete access to this kind of shit. if it was that much of a problem (and a server just blindly pushing the source of your code out [b]is[/b]) then it should have been rectified. fiddle around with the scripts in /etc/init.d or /etc/rc.d
There are plenty of people in the Linux section far more knowledgable about this than I am, and I'm sure any one of them would be happy to help.
[editline]1st February 2012[/editline]
There's still obviously security problems with his code though if [url=http://www.facepunch.com/threads/1152037?p=34481155&viewfull=1#post34481155]things like this happen[/url]:
[code]
Notice: Undefined index: security in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: array in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: user in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: hash in /var/www/html/net/fp/fpalts.php on line 9
Notice: Undefined index: user in /var/www/html/net/fp/fpalts.php on line 28
You're using an older version of the FP Alt Finder,
Download the newest Version[/code][/QUOTE]
i wasn't the one who wrote fpalts.php nor fp_posts.php, and i don't do stuff as stupid as that.
I am actually saddened i did not see the problem sooner, but i figured why would the server be rebooted often?
I actually didn't expect apache to do that, i expected it to actually execute the input before it outputted it but it seems i was wrong, and i won't make that mistake in the future again.
I would have never implemented the FP Alt Finder like that.
I'm going to make a better script.. With blackjack and hookers!
[URL="http://www.facepunch.com/threads/1156734"]Mods, lock this thread, please.[/URL]
[QUOTE=fruxodaily;34487232]I'm going to make a better script.. With blackjack and hookers![/QUOTE]
make sure it makes threads too
[QUOTE=douche beat;34489227]make sure it makes threads too[/QUOTE]
Masking IP address and keylogging everyone's password by creating a change your password screen and collecting it on a hacked server?
Okay
so is FP toolkit safe to use now that Jesse wiped his server?
[QUOTE=Raijin;34492371]so is FP toolkit safe to use now that Jesse wiped his server?[/QUOTE]
Yeah it's super safe, I'm using it right now works like a fucking charm
[QUOTE=Raijin;34492371]so is FP toolkit safe to use now that Jesse wiped his server?[/QUOTE]
That's like licking a girl with herpes because she's washed herself down there.
I'm sorry if this has been answered already, but I'm having some flagdog issues. I tried clearing my cache and everything, and flagdog still wasn't working. I clicked the broken flag and it took me to some site with a captcha, I put in the captcha, and now it just says service unavailable, and the flags are still broken.
What on earth did I do?
EDIT: Nevermind I guess it's working now. Strange.
How long/short can you get banned for? I've seen a range from an hour to a month. What are the hole ranges?
[QUOTE=Cructo;34494777]Are reaction videos bannable?[/QUOTE]
It should be, although I haven't seen a lot of bans for it.
[QUOTE=Daniel Smith;34494721]How long/short can you get banned for? I've seen a range from an hour to a month. What are the hole ranges?[/QUOTE]
hour, day, 3 days, week, month, perma
[QUOTE=LordCrypto;34495135]hour, day, 3 days, week, month, perma[/QUOTE]
and 12 hours is also common.
[QUOTE=horsedrowner;34495158]7 days[/QUOTE]
also known as a week
[QUOTE=Overv;34495183]also known as a week[/QUOTE]
Oops :downs:
Sorry, you need to Log In to post a reply to this thread.
