Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "wtf bomb"
-
Me wanting to board Plane,
Goes through security Check...
"Sorry sir Laptops are not allowed."
Me
"Why?"
Security
"It could be a modified bomb"
Me
"But this is a Tablet!"
Security
"No sir, it has a Keyboard and Trackpad attached to it, its also running Windows..."
Me
"Excuse me, but this is clearly a Tablet"
*Detatches Keyboard from Surface Book*
"See? Tablet."
Security,
"Sorry sir, but no. You cant board the plane with this, only Tablets and Smartphones"
Me
"WTF? you dont allow Laptops because they could be bombs but A FUCKING SMARTPHONE IS ALLOWED? AND TABLETS TOO?!"
Security
"Yes, because the Battery is not removable..."
Me
"But my Laptop Battery is also not Removable..."
Security
"I dont have anymore Time for an Argument"
Me
"So I can board the Plane?"
Security
"No, the Ticket will be refunded"
WHO THE FUCK CAME UP WITH THIS BULLSHIT? LIKE RLY? WHO!!
I MEAN WHAT THE FUCK IS ALLOWED?!30 -
Navy story continued.
And continuing from the arp poisoning and boredom, I started scanning the network...
So I found plenty of WinXP computers, even some Win2k servers (I shit you not, the year was 201X) I decided to play around with merasploit a bit. I mean, this had to be a secure net, right?
Like hell it was.
Among the select douchebags I arp poisoned was a senior officer that had a VERY high idea for himself, and also believed he was tech-savvy. Now that, is a combination that is the red cloth for assholes like me. But I had to be more careful, as news of the network outage leaked, and rumours of "that guy" went amok, but because the whole sysadmin thing was on the shoulders of one guy, none could track it to me in explicit way. Not that i cared, actually, when I am pissed I act with all the subtleness of an atom bomb on steroids.
So, after some scanning and arp poisoning (changing the source MAC address this time) I said...
"Let's try this common exploit, it supposedly shouldn't work, there have been notifications about it, I've read them." Oh boy, was I in for a treat. 12 meterpreter sessions. FUCKING 12. The academy's online printer had no authentication, so I took the liberty of printing a few pages of ASCII jolly rogers (cute stuff, I know, but I was still in ITSec puberty) and decided to fuck around with the other PCs. One thing I found out is that some professors' PCs had the extreme password of 1234. Serious security, that was. Had I known earlier, I could have skipped a TON of pointless memorising...
Anyway, I was running amok the entire network, the sysad never had a chance on that, and he seemed preoccupied with EVERYTHING ELSE besides monitoring the net, like fixing (replacing) the keyboard for the commander's secretary, so...
BTW, most PCs had antivirus, but SO out of date that I didn't even need to encode the payload or do any other trick. An LDAP server was open, and the hashed admin password was the name of his wife. Go figure.
I looked at a WinXP laptop with a weird name, and fired my trusty ms08_067 on it. Passowrd: "aaw". I seriously thought that Ophcrack was broken, but I confirmed it. WTF? I started looking into the files... nothing too suspicious... wait a min, this guy is supposed to work, why his browser is showing porn?
Looking at the ""Deleted"" files (hah!) I fount a TON of documents with "SECRET" in them. Curious...
Decided to download everything, like the asshole I am, and restart his PC, AND to leave him with another desktop wallpaper and a text message. Thinking that he took the hint, I told the sysadmin about the vulnerable PCs and went to class...
In the middle of the class (I think it was anti-air warfare or anti-submarine warfare) the sysad burst through the door shouting "Stop it, that's the second-in-command's PC!".
Stunned silence. Even the professor (who was an officer). God, that was awkward. So, to make things MORE awkward (like the asshole I am) I burned every document to a DVD and the next day I took the sysad and went to the second-in-command of the academy.
Surprisingly he took the whole thing in quite the easygoing fashion. I half-expected court martial or at least a good yelling, but no. Anyway, after our conversation I cornered the sysad and barraged him with some tons of security holes, needed upgrades and settings etc. I still don't know if he managed to patch everything (I left him a detailed report) because, as I've written before, budget constraints in the military are the stuff of nightmares. Still, after that, oddly, most people wouldn't even talk to me.
God, that was a nice period of my life, not having to pretend to be interested about sports and TV shows. It would be almost like a story from highschool (if our highschool had such things as a network back then - yes, I am old).
Your stories?8 -
When your colleague is so impatient that he send 100s of emails for a small issue and you cant block him :|
Email 1
Email 2
Email 3
Dude at least let me read the issue in email
Email 4
Email 5
Dude you could have sent..
Email 6
Email 7
Sent.. me a ping on Slack
Email 8
Email 9
WTF man
Email 10
Email 11
Wait dude I am working
Email 11
Email 12
Working on your issue chillex
Email 13
Email 14
Email 15
Email 16
What the fuck :|
Email 17
Email 18
Email 19
Email 20
ARE YOU SERIOUS?
Email 21
Email 22
Email 23
Email 24
Email 25
WHAT THE FUCK MAN :|
Email 26
Email 27
Email 28
I will kick your ass :|
Email 29
Email 30
Email 31
Email 32
Email 33
I will kill you :||
Email 34
Email 35
Email 36
I will fuck your mother :|||
Email 37
Email 38
Email 39
Email 40
I will drop a nuclear bomb on your Ass
Email 41
Email 42
Email 43
Email 44
.
.
.
.
'Its still coming' :|||¦6 -
I'm having an existential crisis with this client.
We are spending millions of $s every year to make sure the product's performance is perfect. We are testing various scenarios, fine-tuning PLABs: the environment, application, middleware, infra,... And then we provide our recommendations to the client: "To handle load of XX parallel users focusing on YY, yy and Zy APIs, use <THIS> configuration".
And what the client does?
- take our recommendations and measure the wind speed outside
- if speed is <20m/s and milk hasn't gone bad yet, add 2x more instances of API X
- otherwise add 3xX, 1xY and give more CPUs to Z
- split the setup in half and deploy in 2 completely separate load-balanced prod environments.
- <do other "tweaking">
- bomb our team with questions "why do we have slow RTs?", "why did the env crash?", "why do we have all those errors?", "why has this been overlooked in PLABs?!?"
If you're improvising despite our recommendations, wtf are we doing here???
One day I will crack. Hopefully, not sometime soon.3 -
Ever get assigned a defect like this?
First click any radio button and hit the Next button. Then on the next screen click some buttons and hit back button. Then hit next, change a radio selection, hit back, then next, then back, then next and eventually page will bomb out.
Wtf am I supposed to do with this?!5 -
I am new to c and cpp.
I used to exploit my college's competitive programming platform cus it had a bad architecture and almost no auth checks.
For every ajax request, they weren't sending auth tokens or any form of identification and ran all the programs without any logs and on the main thread and as root.. wtf, right?
But recently they've changed something to the site and I cannot run bash commands using system() call.
Is there any other way to execute bash commands using c and cpp.
I already configured a miner in their server but then they re-deployed it cos someone forked bomb the shit out of it.
I'm a noob in c and cpp btw!3