Domain: phonelosers.org
Stories and comments across the archive that link to phonelosers.org.
Comments · 27
-
Re:In related news ...
...and in other news, it's getting harder to build killer robots in the privacy of your own hotel room
-
This software obviously brought to you by...
Cactus. Cactus cactus, cactuses. Cactii, cactus. Cactus cactus.
Cactus.
(couldn't resist a good pun)
-
Fun with deaf relay operators :)
From the Phone Losers of America:
EPISODE #3 - Deaf Relay Operators
This episode features my new co-host Mary, a relay operator. It also features songs, skits, messages, commentary, commercials and raps all performed by deaf relay operators. It's approximately 17 minutes long and the download is 15,597 kb. Click here to listen to it.
Most of the relay voicemail messages played are more than 10 years old. The message involving the terrorist blowing up a commuter airline, done in 1994, was left on my own voicemail by myself while hanging out in the Portland, Oregon airport. "Mahmoad" was my roommate's name. Other messages were left on my home answering machine by PLA readers that I don't know. Thanks to RTF who made the Shakesphere promo for us a couple years ago.
The people over at the Deaf Relay Message Board aren't too amused with this episode! Be sure to stop by and say hello to the board moderator, Clear-Conscience. There's some great messages there relating to relay prank calls and a lot of the ops think that they're vigilantes and will call back the pranksters.
The MP3 file is here: http://www.oldpeoplearefunny.com/sound/plaradio03. mp3 -
The PLA!
Did anyone read the second page?
...It said the People's Liberation Army (PLA) sees computer network...The PLA has likely established information warfare units to develop viruses to attack enemy computer systems.
RBCP does it again!
http://www.phonelosers.org -
Re:So public domain software/Code
You mean like Perri-air?
-
"Last Measure" improper MySQL accessing code..."Last Measure" improper MySQL accessing code can lead to arbitrary MySQL command execution
Date discovered: 10 Oct. 2004 Severity: Critical
Synopsis
The popular "Last Measure" PHP script, commonly used by trolls and script kiddies, contains unique features including the logging of referer information (for both URLs and the username of the poster), the IP address of the victim, and the victim's clipboard contents (the code only works with versions of Internet Explorer running on Windows XP or earlier without Service Pack 2, even though there are similar ways to get clipboard information from Mozilla-based browsers).
One part of the script, a database browser for victim's clipboard contents, contains hastily-written code (authored by Rucas) that can be exploited to execute arbitrary MySQL commands via modification of the variables passed in an HTTP GET request.
Proof of Concept
A normal GET request to look at a specific database entry looks like this:
GET
/lastmeasure/clipboard.php?n=#### HTTP/1.0
...where "####" is a number used to access a specific entry in the database. The numeric parameter value can be modified to pass another MySQL command (in the example shown below, the entire database is deleted):
GET
/lastmeasure/clipboard.php?n=%0aDELETE%20FROM%20cl ipboard%20WHERE%20clipboard%20!=%20%27%27%0a%23 HTTP/1.0
A stray "%0a" is interpreted literally as a command separator, which allows other commands to take place (an error message may result for the command that is supposed to run, but all other commands will run).
Solution
It is highly recommended that the "Last Measure" script be disabled completely (or that the database functionality be disabled) until a patch is released. Contact the developers at lastmeasure.com if you have any concerns.
(vulnerability found by the people here) -
script kiddies 0wn gnaa =)"Last Measure" improper MySQL accessing code can lead to arbitrary MySQL command execution
Date discovered: 10 Oct. 2004 Severity: Critical
Synopsis
The popular "Last Measure" PHP script, commonly used by trolls and script kiddies, contains unique features including the logging of referer information (for both URLs and the username of the poster), the IP address of the victim, and the victim's clipboard contents (the code only works with versions of Internet Explorer running on Windows XP or earlier without Service Pack 2, even though there are similar ways to get clipboard information from Mozilla-based browsers).
One part of the script, a database browser for victim's clipboard contents, contains hastily-written code (authored by Rucas) that can be exploited to execute arbitrary MySQL commands via modification of the variables passed in an HTTP GET request.
Proof of Concept
A normal GET request to look at a specific database entry looks like this:
GET
/lastmeasure/clipboard.php?n=#### HTTP/1.0 ...where "####" is a number used to access a specific entry in the database. The numeric parameter value can be modified to pass another MySQL command (in the example shown below, the entire database is deleted):
GET
/lastmeasure/clipboard.php?n=%0aDELETE%20FROM%20cl ipboard%20WHERE%20clipboard%20!=%20%27%27%0a%23 HTTP/1.0
A stray "%0a" is interpreted literally as a command separator, which allows other commands to take place (an error message may result for the command that is supposed to run, but all other commands will run).
Solution
It is highly recommended that the "Last Measure" script be disabled completely (or that the database functionality be disabled) until a patch is released. Contact the developers at lastmeasure.com if you have any concerns.
(vulnerability found by the people here) -
0day h4x =)"Last Measure" improper MySQL accessing code can lead to arbitrary MySQL command execution
Date discovered: 10 Oct. 2004 Severity: Critical
Synopsis
The popular "Last Measure" PHP script, commonly used by trolls and script kiddies, contains unique features including the logging of referer information (for both URLs and the username of the poster), the IP address of the victim, and the victim's clipboard contents (the code only works with versions of Internet Explorer running on Windows XP or earlier without Service Pack 2, even though there are similar ways to get clipboard information from Mozilla-based browsers).
One part of the script, a database browser for victim's clipboard contents, contains hastily-written code (authored by Rucas) that can be exploited to execute arbitrary MySQL commands via modification of the variables passed in an HTTP GET request.
Proof of Concept
A normal GET request to look at a specific database entry looks like this:
GET
/lastmeasure/clipboard.php?n=#### HTTP/1.0
...where "####" is a number used to access a specific entry in the database. The numeric parameter value can be modified to pass another MySQL command (in the example shown below, the entire database is deleted):
GET
/lastmeasure/clipboard.php?n=%0aDELETE%20FROM%20cl ipboard%20WHERE%20clipboard%20!=%20%27%27%0a%23 HTTP/1.0
A stray "%0a" is interpreted literally as a command separator, which allows other commands to take place (an error message may result for the command that is supposed to run, but all other commands will run).
Solution
It is highly recommended that the "Last Measure" script be disabled completely (or that the database functionality be disabled) until a patch is released. Contact the developers at lastmeasure.com if you have any concerns.
(vulnerability found by the people here) -
PLA performs hostile takeover of SPC, GNAA, othersPLA performs hostile takeover of SPC, GNAA, others
ALTON -- The Phone Losers of America (NYSE: XPLA) has become the sole stockholder of all shares of multiple former corporations such as the South Philly Cru (SPC) and the Gay Nigger Association of America (GNAA). Stock prices for the PLA have soared over 500% since this morning, and a stock split is planned for July 5th in celebration.
We at the PLA have developed literally hundreds of Internet phenomenon, including "OMG HAX!", "TEH BEST STUFFS!", and "WTFOMGBBQLOL!". Our victim list is longer than any group, with high-end victims such as Fox News and KCTV! So...- Do you own a phone?
- Are you a loser?
- Do you live in America?
...if so, the Phone Losers of America is for you!888b. 8___ ___db____
Phone numbers: (413) 370-0333 x752 (long distance charges always apply) Become a member and get access to a collect-call-accepting bridge! Website: www.phonelosers.org IRC Server: EFnet, #PLA
8__.8 8___ __dPYb___
8wwP' 8___ .dPwwYb._
8____ 8888 dP____Yb_
P.S. RvB IS TOTAL CRAP -
PLA performs hostile takeover of SPC, GNAA, othersPLA performs hostile takeover of SPC, GNAA, others
ALTON -- The Phone Losers of America (NYSE: XPLA) has become the sole stockholder of all shares of multiple former corporations such as the South Philly Cru (SPC) and the Gay Nigger Association of America (GNAA). Stock prices for the PLA have soared over 500% since this morning, and a stock split is planned for July 5th in celebration.
We at the PLA have developed literally hundreds of Internet phenomenon, including "OMG HAX!", "TEH BEST STUFFS!", and "WTFOMGBBQLOL!". Our victim list is longer than any group, with high-end victims such as Fox News and KCTV! So...- Do you own a phone?
- Are you a loser?
- Do you live in America?
...if so, the Phone Losers of America is for you!888b. 8___ ___db____
Phone numbers: (413) 370-0333 x752 (long distance charges always apply) Become a member and get access to a collect-call-accepting bridge! Website: www.phonelosers.org IRC Server: EFnet, #PLA
8__.8 8___ __dPYb___
8wwP' 8___ .dPwwYb._
8____ 8888 dP____Yb_ -
Re:Freaks!
-
Please deposit some cash....PLA performs hostile takeover of SPC, GNAA, others
ALTON -- The Phone Losers of America (NYSE: XPLA) has become the sole stockholder of all shares of multiple former corporations such as the South Philly Cru (SPC) and the Gay Nigger Association of America (GNAA). Stock prices for the PLA have soared over 500% since this morning, and a stock split is planned for July 5th in celebration.
We at the PLA have developed literally hundreds of Internet phenomenon, including "OMG HAX!", "TEH BEST STUFFS!", and "WTFOMGBBQLOL!". Our victim list is longer than any group, with high-end victims such as Fox News and KCTV! So...- Do you own a phone?
- Are you a loser?
- Do you live in America?
...if so, the Phone Losers of America is for you!888b. 8___ ___db____
Phone numbers: (413) 370-0333 x752 (long distance charges always apply) Become a member and get access to a collect-call-accepting bridge! Website: www.phonelosers.org IRC Server: EFnet, #PLA
8__.8 8___ __dPYb___
8wwP' 8___ .dPwwYb._
8____ 8888 dP____Yb_ -
Re:pranks via TTY
You probably meant Phone Losers of America.
-
Some Good Examples of Deaf Relay (TTY) Abuse
Can be found here:
http://phonelosers.org/sound.html
Specifcally this one which would probably get you a trip to camp X-ray today
Phone_Losers_of_America_0118_Deaf_Relay_Commuter_A irline.mp3 -
You could waste even more time...at this site Phone related site.
-
Convert your tin foil hat to a wallet? Not yet...
Nothing like a Slashdot post to jump to a conclusion.
Clearly, there's something funny going on with the microwaved bills... but stores don't have RFID scanners at the exits yet. They have an acousto-magnetic sensor that gets deactivated by a pad at the cash register so that paying customers aren't supposed to set them off. Big difference here is that the tags in a store system don't yet emit an identifying signal... they all emit the same reply. The store doesn't know what a shoplifter did to trip the alarm, just that they did trip it. There's not quite proof that each bill is emitting its serial number yet.
Also, having microwaved everything in a stack makes things a bit unclear. Did every eye burn on its own, or did just one or two bills in the middle of the stack catch flame which in turn burned all of the bills above and below in varying degrees. Notice that the top and bottom bills were unharmed. Could one bill alone be microwaved safely?
And, BTW, if you so much as put slightly crumpled tin foil in your microwave, you get a similar effect. Could there just be a small metal content in the bill designed so that somebody who has $1000 worth of $20 bills (rather than simply 10 $100's) in their wallet is sure to set off an airport security alarm until they show their wallet to make sure they get an extra security questions?
It's interesting, but I think more research needs to be done. Microwave carefully, people. -
Ah yes...
The old modem upgrade trick...
-
Phreaking
For more about Fone Phreaking, check out the grand master... Phone Losers of America
-
The Old Modem Upgrade Scam...
-
That's called red boxing
It still works in some remote areas..
http://www.phonelosers.org/red_box.html. -
Re:You're a fucking IDIOT!!
Homeless?! What the fuck! How the hell is the guy going to afford 1300 items, plus the velcro, a back pack, and other necessities he's used!.
Yeah, because as we've all learned from Napster, the latest download sites for the new Harry Potter movie, and Winona Ryder; everyone pays for everything they have!
Here's betting that if he's a real geek? He went Dumpster Diving for most of it. -
FP
-
And what of recordable greeting cards?
Pity poor greeting card companies. Their five dollar recordable birthday cards are gonna get a lot more expensive. That means your red box budget will go up as well.
Of course, Hallmark's cost/profit margins are probably higher than the RIAA's.. how much does a $2.99 greeting card cost to manufacture?
W -
Returning cartridges
More info on returning things to retail stores can be found here.
-
HmmI remember when my friend Alex used to harass people with dial-a-song. *sniff* those were the days.
-Legion
-
Re:I use Paypla on AOLiza
PayPLA?
Why, that's great, because those PLA people deserve every cent. It takes a special kind of person to describe how to really hack WWIV BBSes.
-- -
Re:I use Paypla on AOLiza
PayPLA?
Why, that's great, because those PLA people deserve every cent. It takes a special kind of person to describe how to really hack WWIV BBSes.
--