Slashdot Mirror

Unless you're a programmer, in which case you are using braces, brackets and periods all the time. Also, those special characters reduce the utility of dvorak, as well, because they weren't taken into consideration.

Remap them if you wish, but I think the importance of doing so for a programmer is overstated. The symbols above the numbers don't change between Dvorak and Qwerty, and the others are in better places in Dvorak. The annoying ones are []{}, which take the place of -_=+, but I type the latter (and /?) more often, especially considering I don't type only code, but email, comments, documentation, Slashdot posts, etc.

See http://pastebin.com/raw.php?i=0VqZDhqX for a couple of Java projects and a Perl one. {} and () are overstated, due to generated Java getters and setters. } is often input automatically by my editor. I hardly type > as the editor completes XML/HTML elements.

(My British keyboard, like all non-European and most non-US keyboards, contains an extra key. This is usually used for accents or extra letters, like Å or ß. Since English doesn't need these, the extra two symbols are for £ (fine) and , which I probably type about once a year. Though writing if (test) would be neat. I type €, , or — more often).

50 Million Potentially Vulnerable to UPnP Flaws - January 2013 Articles and Downloads

###

Multi-Article Document:

Part 1 - Article: 50 Million Potentially Vulnerable to UPnP Flaws
Part 2 - Article: Security Flaws in Universal Plug and Play: Unplug, Don't Play
Part 3 - Router Scan: Universal Plug and Play - Router Security Check
Part 4 - Download: ScanNow for Universal Plug and Play (UPnP) | For Windows
Part 5 - PDF: Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Part 6 - Article: Millions of devices vulnerable via UPnP
Part 7 - Article and Discussion: 50 Million Potentially Vulnerable To UPnP Flaws

###

Translate this collection (does not include software download(s) and PDF(s): http://translate.google.com/

###

COPYRIGHT: The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used
without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following
purposes: research or private study; criticism or review; or reporting current events.

###

This Multi-Article Document Has Been Mirrored At The Following Sites (RAW = text):

http://hpaste.org/81561 (RAW: http://hpaste.org/raw/81561)
http://kpaste.net/66c9a3
http://oxynux.org/pastebin/n3rae9-1874
http://pastebin.com/XHkXHfuF (RAW: http://pastebin.com/raw.php?i=XHkXHfuF)
http://paste.blixt.org/9819498
http://paste.lisp.org/display/135035 (RAW: http://paste.lisp.org/display/135035/raw)
http://paste.yt/p2605.html (RAW: http://paste.yt/P2605.txt)
http://slexy.org/view/s2r3Si2W3C
https://paste.debian.net/230670/
http://www.inetpro.org/pastebin/11699 (RAW: http://www.inetpro.org/pastebin/11699/view/raw)

###

(Part 1): 50 Million Potentially Vulnerable to UPnP Flaws

by Brian Donohue | January 29, 2013, 1:15PM

https://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913

"In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.

A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.

Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocUPnPol (SSDP) requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol (SOAP). This level of exposure was far higher than researchers had expected, according to

50 Million Potentially Vulnerable to UPnP Flaws - January 2013 Articles and Downloads

###

Multi-Article Document:

Part 1 - Article: 50 Million Potentially Vulnerable to UPnP Flaws
Part 2 - Article: Security Flaws in Universal Plug and Play: Unplug, Don't Play
Part 3 - Router Scan: Universal Plug and Play - Router Security Check
Part 4 - Download: ScanNow for Universal Plug and Play (UPnP) | For Windows
Part 5 - PDF: Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Part 6 - Article: Millions of devices vulnerable via UPnP
Part 7 - Article and Discussion: 50 Million Potentially Vulnerable To UPnP Flaws

###

Translate this collection (does not include software download(s) and PDF(s): http://translate.google.com/

###

COPYRIGHT: The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used
without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following
purposes: research or private study; criticism or review; or reporting current events.

###

This Multi-Article Document Has Been Mirrored At The Following Sites (RAW = text):

http://hpaste.org/81561 (RAW: http://hpaste.org/raw/81561)
http://kpaste.net/66c9a3
http://oxynux.org/pastebin/n3rae9-1874
http://pastebin.com/XHkXHfuF (RAW: http://pastebin.com/raw.php?i=XHkXHfuF)
http://paste.blixt.org/9819498
http://paste.lisp.org/display/135035 (RAW: http://paste.lisp.org/display/135035/raw)
http://paste.yt/p2605.html (RAW: http://paste.yt/P2605.txt)
http://slexy.org/view/s2r3Si2W3C
https://paste.debian.net/230670/
http://www.inetpro.org/pastebin/11699 (RAW: http://www.inetpro.org/pastebin/11699/view/raw)

###

(Part 1): 50 Million Potentially Vulnerable to UPnP Flaws

by Brian Donohue | January 29, 2013, 1:15PM

https://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913

"In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.

A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.

Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocUPnPol (SSDP) requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol (SOAP). This level of exposure was far higher than researchers had expected, according to

How's Duke Nukem Forever on that rig?

Well that would require me owning it, and even though it's been on sale a dozen times on steam as cheaply as $5 I still don't own it, maybe if it gets down to $2.99. Hah

Though my shogun2 DX11 high bench gives me an average FPS: 41.6875 on the new 313.96 drivers. And here's the old 3dmark score from back a bit ago before I started tinkering with it. Still haven't gotten around to running a new bench for it. Back when I first did the build it was in the top 3 fastest in the FX6100/560ti category at stock.

The graphics suck though.

I disagree

This is the stack trace mentioned in the article:
http://pastebin.com/UkhERvaA

Doesn't look like a c-string or printf issue to me at all.

So, where are your benchmark tests?

Here is a fixed version of the test: http://pastebin.com/CkJB6h2K

It is at least 10 times faster and the only likely difference between mine and the original author is that I am using the Java IO framework correctly. I will hand of new connections to a connection pool while he incorrectly runs it all in one thread. His is just wrong.

If the author will not publish his source code I will: http://pastebin.com/CkJB6h2K

This is a 32 line Scala program. Yes Scala instead of Java but it is based on the exact same SocketServer that the author claims his program uses. It will sit there and listen for a connection, then do a simple imitation of HTTP. It even optionally supports HTTP Keep Alive.

Now to the test. I use the Apache AB tool: http://httpd.apache.org/docs/2.2/programs/ab.html

First without using -k (keep alive):

baldur@neaira:~/tmp$ ab -c 4 -t 10 -n 1000000 http://localhost:5555/
Time taken for tests: 10.000 seconds
Complete requests: 136991
Requests per second: 13698.99 [#/sec] (mean)

So about 13,000 requests per second processed on my old laptop. The author did 2000 requests in 2687 ms = 1344 requests per second or about 10 times slower than my program.

Lets try again with Keep Alive enabled:

baldur@neaira:~/tmp$ ab -c 4 -t 10 -n 1000000 -k http://localhost:5555/
Time taken for tests: 10.000 seconds
Complete requests: 692424
Requests per second: 69242.23 [#/sec] (mean)

So now we are doing 69.000 requests per second or 50 times faster than the authors program.

It might be that my old laptop is 10 or 50 times faster than the setup the author uses. But somehow I do really not think that is it. I think it is extremely likely that the author is a .NET programmer that has insufficient knowledge of Java to code this simple test correctly and that his program is simply wrong. More specifically I suspect that he did not know that you need to use a thread pool to process the connections, or if he did use one, that he used it wrong.

Since the application I develop somehow manages to crash the JVM in versions 7+. Hurray! Try it for yourself and see if it doesn't work for you too.

http://pastebin.com/GwknZ0z1

Yah. And Perl still looks like modem noise.

If you think that's bad, you should check out some BrainFuck program source!

In BF, there are only 8 commands, each represented by a single character.
Those commands are < > + - . , [ ]
Any other characters are ignored as comments.

For example, this is The Game of Life in .bf: http://pastebin.com/xCUhv9e8
This is the de-css dvd decryption: http://pastebin.com/R75ruPRe

Yah. And Perl still looks like modem noise.

If you think that's bad, you should check out some BrainFuck program source!

In BF, there are only 8 commands, each represented by a single character.
Those commands are < > + - . , [ ]
Any other characters are ignored as comments.

For example, this is The Game of Life in .bf: http://pastebin.com/xCUhv9e8
This is the de-css dvd decryption: http://pastebin.com/R75ruPRe

"Unfortunately the exploit had to be removed, feel free to follow me on Twitter" .. link

A zero-day exploit has been found in the Nvidia Display Driver Service on Windows machines. An attacker with local access can use the exploit to gain root privileges on a Windows machine. Windows domains with relaxed firewall rules or file sharing enabled can also pull off the exploit, which was posted to Pastebin by researcher Peter Winter-Smith.

Granted, I've seen worse, but c'mon, man, you're getting paid for this shit.

Pay attention.

http://pastebin.com/G3ZGbbaX

Anonymous does not hack McDonald's and then demand that Toys R Us reduce the retail price of Barbie toys by 50%.

I agree the banks doesn't have anything to do with the video being protested about...

But I imagine that the story conveyed by news reporters have about as much to do with reality, as McDonalds have to do with the retail price of Barbie.
... Okay, haven't read the pastebin.... It seems they are targeting banks over a video...
BTW, read it: http://pastebin.com/E4f7fmB5
It would probably be easier to take them seriously, if they wrote proper English.
But their logic about attacking banks isn't totally flawed :)
In the questions sections they reply:

In the system where the religion and sacred things are not honorable, and only material, money and finance have value

Personally, I don't agree. nor do I think there's any organization behind the video in question...
Honestly, protesting the works of a crazy individual isn't going to change... But if they are going to protest this video, civil disobedience is the way to go..

I think it's a hoax as well.

Here is the full raw email. http://pastebin.com/raw.php?i=KefZru47 It clearly shows that the email originated from the Nokia network.

This is nothing more then Gov phishing attempt. I spent about 4 hours and went through most of the data, spotted few people I know, they have never had accounts on servers as those dumps claimed, I told them their “passwords” they had no clue what I was talking about, there was no wow how did you know! Reaction. Tried about 5000 user/password attempts none of them worked. Text strings from most of the Nasa/gov/contractors are public, you can google them. This whole crap of data looks like giant text scraping in attempt to generate legitimate looking “hacked” data. This was posted yesterday today noting works: http://pastebin.com/RdC0LZqW And those “super hackers” xl3gi0n have even they own facebook page please who buys this?? Another one post same dump GrenXparta_Hacker Just an example Todays dump http://pastebin.com/RdC0LZqW has following hash: MGHkLGt3ZQExBGZ2ZGt2MwD2ZmZ5LGSvZ2H5A2H0LzR= Quick search for this hash shows it showed up Sep 12 2012 on some Russian page: http://forum.insidepro.com/viewtopic.php?t=17101&sid=962d5d41e1b8225c223283ab91908b66 Some guy asks in Russian security forum what that hash is and someone says that it looks like SHA-256, but it misses / + so it is not. Or search for this: AGL2ZmEuL2HmAJL1AmVmMwVkLJRkAGL5BGtkZ2EyZTL= Every single one of those hashes is searchable on the net, most of them (from today) are from http://www.itpints.com/?sources%5B%5D=Twitter&q=Alexis%20Wright What is this? Real time search engine that generates hashes the same as in “leaked” docs claiming to be passwords? It screams FAKE. There is probably quite a few hashes\hot spots included that government is monitoring and checks who searches for what, also they will phish all the idiots that will share their work related data with “anonymous” install pin point them malware on their PC and monitor them further. At list what I would do :)

This is nothing more then Gov phishing attempt. I spent about 4 hours and went through most of the data, spotted few people I know, they have never had accounts on servers as those dumps claimed, I told them their “passwords” they had no clue what I was talking about, there was no wow how did you know! Reaction. Tried about 5000 user/password attempts none of them worked. Text strings from most of the Nasa/gov/contractors are public, you can google them. This whole crap of data looks like giant text scraping in attempt to generate legitimate looking “hacked” data. This was posted yesterday today noting works: http://pastebin.com/RdC0LZqW And those “super hackers” xl3gi0n have even they own facebook page please who buys this?? Another one post same dump GrenXparta_Hacker Just an example Todays dump http://pastebin.com/RdC0LZqW has following hash: MGHkLGt3ZQExBGZ2ZGt2MwD2ZmZ5LGSvZ2H5A2H0LzR= Quick search for this hash shows it showed up Sep 12 2012 on some Russian page: http://forum.insidepro.com/viewtopic.php?t=17101&sid=962d5d41e1b8225c223283ab91908b66 Some guy asks in Russian security forum what that hash is and someone says that it looks like SHA-256, but it misses / + so it is not. Or search for this: AGL2ZmEuL2HmAJL1AmVmMwVkLJRkAGL5BGtkZ2EyZTL= Every single one of those hashes is searchable on the net, most of them (from today) are from http://www.itpints.com/?sources%5B%5D=Twitter&q=Alexis%20Wright What is this? Real time search engine that generates hashes the same as in “leaked” docs claiming to be passwords? It screams FAKE. There is probably quite a few hashes\hot spots included that government is monitoring and checks who searches for what, also they will phish all the idiots that will share their work related data with “anonymous” install pin point them malware on their PC and monitor them further. At list what I would do :)

I came up with this quick&dirty (I got a strange kind of laziness) script.

Typically, there happen to be enclosed spaces, so I am not sure what a “perfect maze” is (re no isolations). Of course, I might have screwed up.

Here are three links to the text form of the brief:

On One of My Boxes

On Reference Blog

On Pastebin

The actual list of targets was pastebinned:
http://pastebin.com/Ms4nJSZx

If it's not illegal to do so, in their native countries, some might wish to join the good guys.

The attacker's Pastebin posts can be found here: http://pastebin.com/u/ComodoHacker . The authenticity seems likely to me; in one post he links to a calculator.exe that you can download which is signed by a Diginotar certificate. When you inspect the file properties in Windows, it will indeed state that the file is certified.

http://pastebin.com/YBMHMnX7

Hardly

i know i suck but here is the complete list:

http://pastebin.com/TtGNBygm

i tried to post the list, but /. diligent post filters stopped me. please pardon the pastebin

http://pastebin.com/ZUg8eKYd

It should have atleast been events around the world (a globe with blob points each resprenting a news article, sized as large as the importance of the article).

Yes. And if you RTFA, you'll see:

Unfortunately, I didn't find any good way to obtain latitude and longitude reliably for each piece of news, otherwise we could have created a much cooler effect, showing each picture and news at the right spot on the surface of Earth... If anybody has an idea on how to do that, I'm interested.

The best there is GeoRSS, but Google News doesn't use that. So we can show the earthquakes on a globe if you wish. Hit the 'w' key for a small animation.

Now, if you know of a good database of geolocalized news, I'm very interested.

This is a scam. I read the letter here. If the scammer really has Romney's signature scanned, he'd post it somewhere, along with just enough interesting facts for reporters to verify that they really do have Romney's returns. It's fun talking about this scam, but it's just some young dork across the pond who thought this up and is having some fun. I checked his two bitcoin accounts. As of now, the account for releasing the returns is a bit over 1.1BTC, or about $11, and that's almost all from one transaction. The account for not releasing the returns has 0.33BTC, with 33 tiny transactions.

I really do want to know what's in those returns, but any BTC sent to this hack is a waste of BTC.

Here is the pastebin if anyone is interested:

http://pastebin.com/McB20Q5s

Slightly better paste from the source, with basic formatting, on Pastebin.

Browse through the cache or view in plain text on Pastebin.

Awwwwwwww.... they removed and disabled commenting.
Google Cache to the rescue!

copypasta'ed here: http://pastebin.com/XVj6CS1W

They also updated the original post:

As background, our system works like this in order to support a large volume of broadcasters using our free platform. Users of our paid, ad-free Pro Broadcasting service **UPDATED CLARIFICATION and those users who notify Ustream in advance they have rights permissions (however Ustream's messaging to our broadcaster community is not as clear as it should be. We are resolving this now) are automatically white listed to avoid situations like this and receive hands-on client support.

For readability, s/;/;\n/g. From an error message it seems Slashdot is hostile to small lines in posts. The original is 73 lines.

http://pastebin.com/sUfZkVaQ

#!/usr/bin/env perl use strict; use Digest::SHA; use Cwd; use File::Util; my $topDir=cwd(); my($f) = File::Util->new(); my(@files) = $f->list_dir($topDir,'--recurse'); my %hash; my $deleteFlag=$ARGV[0]; #print $deleteFlag,"\n"; foreach my $file(@files) { if(-d $file) {next;} my $size=$f->size($file); push @{$hash{$size}},$file; } my ($filectr,$setctr)=(0,0); foreach my $key (sort { $a $b } keys %hash) {#loop through sizes my $value=$hash{$key}; my @arr=@{$value}; my $numFiles = @arr; if ($numFiles $b } keys %shahash) { #loop through files of same hash value my $shavalue=$shahash{$shakey}; my @shaarr=@{$shavalue}; my $numFilesSha = @shaarr; if($numFilesSha new($alg); $sha->addfile($filename); my $digest = $sha->hexdigest(); return $digest; } sub unixFilename { my ($filename) = @_; $filename =~ s/\)/\\\)/g; $filename =~ s/\(/\\\(/g; $filename =~ s/\ /\\ /g; $filename =~ s/\;/\\\;/g; $filename =~ s/\'/\\\'/g; $filename =~ s/\"/\\\"/g; $filename =~ s/\&/\\\&/g; $filename =~ s/\!/\\\!/g; return $filename; }

For this purpose I'm using a wonderful perl script, fdupes.pl. I've tested it on many millions files, many terabytes filesystems and it works fine. I've found the original on perlmonks.org, but modified it to 1 skip symbolic links (a symlink is obviously identical to its target) 2 auto-delete dupes (after confirmation). For anyone interested, find the script here: http://pastebin.com/cMFbBjt9

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

the document Slashdot refuses to post, even deletes it from submission queue.

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

the document Slashdot refuses to post, even deletes it from submission queue.

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

Poor Slashdot, won't even publish this important document.

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

Poor Slashdot, won't even publish this important document.

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

Thank you Cryptome for posting it at the top of the page today!

HUGE Security Resource+ - version 6000 - 08/31/2012
http://cryptome.org/2012/08/huge-sec-v6000.txt
http://pastebin.com/raw.php?i=f3Z4fQvK
http://pastebin.com/f3Z4fQvK

Thank you Cryptome for posting it at the top of the page today!

http://pastebin.com/DtbTyFnR

http://pastebin.com/YEbM3Brv

Pastebins which are usable via Tor and do not require javascript to use

WHEN YOU NEED TO POST SH*T RIGHT NOW, BEHIND Tor.....
The List of No Bullsh*t Pastebins Usable Via Tor is here for you!

[1] http://pastebin.com/PesPA0VL

http://pastebin.com/cTJeeTat

While trying to link to the files (from TFA) on my independently hosted Wordpress-based website, I encountered a very peculiar situation where any attempt to include this link: http://pastebin.com/BuabHTvr -- resulted in a failed or deleted post. That link directs to the files mentioned in the story above. But any effort to include it in a post on Wordpress results in an error message.

I have created a video to document the experience here.

I'd really appreciate any insight as to WTF this is happening. And please pardon the quality in advance; I spent waaaay too much time trying to edit out the black-space, but either I don't get pitivi, or it sucks. Anyway, it must be watched in HD to see the text.