AboutI like trolling people using \u202e :)
Joined devRant on 3/17/2017
Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
In my school, eleventh grade (so nearly "Abitur", A levels), we got the task to create a program which will be running on every computer here which should replace the Classbook (like a book where homework and lessons and stuff is written down).
Now, the class before mine already did a part of that, a program to share who is ill/not at school, with a mark whether it is excused or not.
So far so good. They all seemed not that bad when they were presenting it to us. Then, the first thing: they didn't know what git is. Well, okay I thought.
Next, there was this password field to access the program. One of them entered the password and clicked enter. That seemed suspiciously fast for an actual secure login. So fast, the password could have been in the Code...
Yesterday I copied that program and put it into a decompiler.
And... I was right.
There were the login credentials in plain text. Also, haven't thought of it but, IP address + username + password + database name were there in plain text, too.
Guess I am going to rewrite this program down to the core3
Yesterday someone from my class asked me if I could hack a netflix account for him because his one-month trial will be over soon.
I have nothing more to say.8
Follow-up to my previous story: https://devrant.com/rants/1969484/...
If this seems to long to read, skip to the parts that interest you.
~ Background ~
Maybe you know TeamSpeak, it's basically a program to talk with other people on servers. In TeamSpeak you can generate identities, every identity has a security level. On your server you can set a minimum security level you need to connect. Upgrading the security level takes longer as the level goes up.
~ Technical background ~
The security level is computed by doing this:
SHA1(public_key + offset)
Where public_key is your public key in Base64 and offset is an 8 Byte unsigned long. Offset is incremented and the whole thing is hashed again. The security level comes from the amount of Zero-Bits at the beginning of the resulting hash.
My plan was to use my GPU to do this, because I heared GPUs are good at hashing. And now, I got it to work.
~ How I did it ~
I am using a start offset of 0, create 255 Threads on my GPU (apparently more are not possible) and let them compute those hashes. Then I increment the offset in every thread by 255. The GPU also does the job of counting the Zero-Bits, when there are more than 30 Zero-Bits I print the amount plus the offset to the console.
~ The speed ~
Well, speed was the reason I started this. It's faster than my CPU for sure. It takes about 2 minutes and 40 seconds to compute 2.55 Billion hashes which comes down to ~16 Million hashes per second.
Is this speed an expected result, is it slow or fast? I don't know, but for my needs, it is fucking fast!
~ What I learned from this ~
I come from a Java background and just recently started C/C++/C#. Which means this was a pretty hard challenge, since OpenCL uses C99 (I think?). CUDA sadly didn't work on my machine because I have an unsupported GPU (NVIDIA GeForce GTX 1050 Ti). I learned not to execute an endless loop on my GPU, and so much more about C in general. Though it was small, it was an amazing project.1
Okay so I'm completely new to OpenCL and I just put some stuff together to get a simple GPU Kernel running. Well that worked pretty good.
The reason I got into OpenCL was because I wanted to do some simple SHA1 cracking on my GPU. What I did was, I got a fast implementation of SHA1 from the internet, which works perfect in normal C++, but for OpenCL I have to rewrite some things. So I replaced all the memset and memcpy and so on with simple for loops and it still worked. Now, this should work on OpenCL, too, I thaught. God I was wrong!
Somehow the clBuildKernel got executed normally, but when I try to access the returned value (the error code) I get an Access Violation? It just doesn't make any sense to me?
Well I will try some stuff tomorrow again and I will find a solution for sure, but still, until now I just don't understand it.
Is it possible to install TeamViewer/AnyDesk on a Debian Server (there is no Display attached to it so it has no real Desktop)?
I installed KDE and xrdp on it and that worked, the problem is that TeamViewer and also AnyDesk have a problem because they both can't find/use the fake RDP Desktop. Well and RDP is just so fucking slow...
So if anyone has some experience in this, I'd appreciate some help.6
My dad got this scammy E-Mail today...
The strange thing was, the sender and recipient were the same address, but I'll get back to that.
Unfortunately, I can't show it to you, but it said something like this:
"As you can see, I wrote this E-Mail from *YOUR* address. I have hacked your Account. Please pay me 300$ in bitcoin to this address: (address here) ..."
You get the point.
Now... my dad was pretty worried about the Account actually beeing hacked. One of his coworkers also got the same E-Mail. I told him that it's easy to fake the 'From' Header of an E-Mail, at least with the mail command on Linux. So I ssh'd into one of my Servers and sent him an E-Mail from firstname.lastname@example.org. Obviously, he didn't expect it to be that easy. Now he believes me that this is a scam and will tell his coworkers tomorrow.
From what I read in that E-Mail there was no part about recipient specific stuff, so I guess someone just wrote one text and made a simple bash Script for that... as you can see, people really do fall for this shit.
Now one question: is there a way to track down the Servers the E-Mail went through? Or is there anything one can do, apart from ignoring it?10
OKAY WHAT THE FUCK JAVA.
At school we were assigned the task to do Huffman's algorithm. Since I am way ahead of all the others, I made a GUI for that. (Btw, we use BlueJ for Java, it's just painful)
Now... I made a JTextField to put the output, which would be any character from 0x0 to 0xFFFF, into it.
Apparently, there is a bug in the setText method, which throws random NullPointerExceptions right into your face if you give it those Unicode characters.
So I looked it up:
It was a Bug, in JDK 1.6.something, where putting a 0xFFFF together with a 0x10000 would cause this. Now you may think, do we still have 1.6? No, we have 1.8 v171, WHY THE FUCK DOES THIS SHIT GIVE ME A NPE?! THE WORST PART IS I CAN'T DO ANYTHING ABOUT IT!
AND IT HAS THE WORST UNDEFINED BEHAVIOR:
1. NPE, nothing else happens
2. The Text box just gets invisible, but the border stays visible + NPE
3. The box completely disappears + NPE
Try-catching it doesn't do anything, everytime I fill the box with text, one of those options happens, and the box was never to be seen again! NOT EVEN CREATING A NEW TEXT BOX AND ADDING IT TO MY WINDOW WORKS.8
Amazing how one can easily browse the web nowadays...
A popup to allow notifications, that shitty cookie information, a subscription box and a fucking video that automatically starts playing while drowning my mobile internet.
Maybe I'll write another rant about the actual topic I looked up...8
I JUST CAN NOT UPDATE THAT ONE SERVER TO DEBIAN 9
- it has no /dev/sda but a /dev/ploopXXXXX which is mounted as / but I can't see it
- uname says it's Linux 2.6.32-042stab126.2 and it says Debian some lines later in the ssh login
- there is no boot loader (I can't find it)
- lsb_release tells me it's running Debian 9.6 stretch, I put stretch into the apt sources
- in /boot there are 2 different versions: 3.16.0-7-amd64 and 4.9.0-8-amd64
- and I do not have physical access to it
WHAT THE FUCK AM I SUPPOSED TO DO?!
I wanted to install OpenVPN on it but that Linux Version doesn't support the Tunnel Interface /dev/net/tun8
Any good async (if possible, also pipeline based) Networking libraries for C++ on Linux? I want to create a small Server which should be able to handle a big amount of TCP connections (~500) at the same time, using threadpools maybe, something like Netty for Java would be the best.9
Visual Studio and its compatibility with Linux applications.
I don't know if I'm the only one, but this is my setup:
- Visual Studio 2017 on Windows 10
- Ubuntu 18.04 subsystem on Windows
I just can't do any Linux coding in Visual Studio... it is using my subsystem as a Remote Compiler and debugger, and a simple Hello World program does build and run successfully, but EVERY SINGLE LINE HAS ERRORS! It can't find stdio.h! Not a single include file works! They get auto-completed so it knows where the files are, but apparently opening them to see all the methods is too much for Visual Studio! I'd say the problem has something to do with IntelliSense since only inside the IDE my code has errors, compiling (which happens on the subsystem) works like a charm.3
Doing the stuff we learned in math today in C on my phone in portrait mode on a root server in my ssh app with mobile data in my free time in school is just some next level shit8
Having fun with some kind of pointers in Java right now...
This is a small program which first gets the address of the String variable and then 100 times the address of the addr variable, prints that address and dereferences it 101 times, to get the actual String back. But does it have an actual use case?
Apart from that, it's interesting to find out about how Java handles memory and stuff...2
Very long story ahead!
Yesterday in the evening a friend of mine (calling him F from now on) became the target of something new to me...
Apparently one can fake his phone number through some fishy ways and call people with that number. Someone (we think we might know who it was, the why is at the end) did this yesterday to F.
Here's the whole story:
We were just talking together on a TeamSpeak Server (a program to talk to others on the internet) when suddenly another friend said: "F, why did you just call me three times in a row?" That was the first thing that was a bit suspicious. After that, F got calls from random numbers (even Afghanistan, we are German), and they said something like "Have fun with the police coming to your house". Then there was silence. 10 minutes later his phone rang and there were a ton of pizza delivery services in his town that apparently got pizza orders from him. Then there was silence, again. Suddenly someone with a hidden number called him, a woman's voice said they were the police and if F doesn't stop calling the police there will be consequences. F then told her what was going on but I think she didn't really care. She then wanted to know where F lives, but I told him not to say that, because if it is the police they can find it out by themself and if it's not, they don't need to know that.
Now, a short break: There is some fake information going around about where F lives. I can't remember when we found out but the attacker thought he would actually live there. No idea what happened at that location...
Now back to the story:
Time went by, nothing really happened. Suddenly F shouted: "There are blue lights outside! The police is here!" He muted his microphone and (the following is what he told us what happened) went down to the door (remember, he is 16) and there were two police men. They were asking about why he called the police. F explained what we knew until then, about number spoofing and stuff... They sent a more technical person to him, he understood what F was trying to explain. The police men drove away and he came back to tell us what happened. (Now we get back to what I heared myself.) The mom came in, screamed something that I couldn't understand, and F went offline. We searched who the attacker could have been. And we are pretty sure we found him. That guy connected to our Minecraft server (that's where I know F from) with his real IP, and his main account, which made it easy to search. He also got a static IP which means it doesn't change. We also got some information that in the recent days this guy was talking about VoIP spoofing and such stuff. Another friend of mine, a bit older, found some proofs and I think he will go to the police.
That's it. Thanks for reading.8
Does anyone know which bytes represent
mov rcx, 0x7FF0000000 (some qword)
mov rdx, 0x12345678 (some dword)
Or where I can find this?4
Is there any package to install with apt to detect if the Server has no Internet connection and output maybe a netstat to a file if so?
My problem is: I have a Server and since today it randomly has no Internet for hours. I don't know if it's a DDoS or something different and I want to find out. I also can only SSH into it so it needs Internet to let me do anything.
(It's just a fun project so there is really only me who could do something)6
Anyone else having the problem that Algo doesn't show new rants? I already had this problem a few months ago, but after about a week it worked again...5
I think I am too stupid to get fail2ban working...
It's installed, configured, it reads from the logs, testcases work, regex works, manual banning works, BUT IT DOES NOT BAN AUTOMATICALLY!
WHY THE FUCK
I litterally tried every tutorial to set it up on the first 3 Pages of ddg.
Well now I blocked those two aggressive ips just with iptables...3
Maybe you have heard about YouTube Music...
In the Google Play Store it's the number 1 music App, Spotify behind it.
So I took a look at the stats:
- 50 Million Downloads
- 4.3 stars rating
- 100 Million Downloads
- 4.5 stars rating
Now change my mind:
Google promotes their products by just placing them on top of everything.16
!rant && !dev
So... yesterday was the red Moon and Mars was visible and so much more. I took a lot of pictures with my telescope. I also took a 4k Video for 5 Minutes (my storage is now full)
Picture from yesterday: https://devrant.com/rants/1591093/...
Got some 40Gig HDDs at home... the one marked crashes Windows Explorer and short after that the whole System if you plug it into a running Windows3