Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Wed 17 Oct 2018, 21:03
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Don't just blindly copy code/text from a site...even murga's
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [9 Posts]  
Author Message
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Mon 30 Jan 2017, 16:00    Post subject:  Don't just blindly copy code/text from a site...even murga's  

Following this rule of thumb is just plain smart, as some on here have noted before:

http://lifepluslinux.blogspot.be/2017/01/look-before-you-paste-from-website-to.html
Back to top
View user's profile Send private message 
drunkjedi


Joined: 24 May 2015
Posts: 897

PostPosted: Tue 31 Jan 2017, 00:54    Post subject:  

That's why code boxes are there
Code:
font is small [size=0]can see it?[/size]
colour is changed [color=white]still see it?[/color]
Anything written in between [code ] [ /code] is shown as it is. Can't hide there.

Please correct me if I am wrong.
Back to top
View user's profile Send private message 
greengeek


Joined: 20 Jul 2010
Posts: 5220
Location: Republic of Novo Zelande

PostPosted: Tue 31 Jan 2017, 04:16    Post subject:  

Thanks belham - very important lesson. Freaked me out.

Code:
ls ; clear; echo 'Haha! You gave me access to your computer with sudo!'; echo -ne 'h4cking ## (10%)\r'; sleep 0.3; echo -ne 'h4cking ### (20%)\r'; sleep 0.3; echo -ne 'h4cking ##### (33%)\r'; sleep 0.3; echo -ne 'h4cking ####### (40%)\r'; sleep 0.3; echo -ne 'h4cking ########## (50%)\r'; sleep 0.3; echo -ne 'h4cking ############# (66%)\r'; sleep 0.3; echo -ne 'h4cking ##################### (99%)\r'; sleep 0.3; echo -ne 'h4cking ####################### (100%)\r'; echo -ne '\n'; echo 'Hacking complete.'; echo 'Use GUI interface using visual basic to track my IP'
ls -lat


As he says - paste into a text editor before copying it into a terminal. Lesson learnt.
cheers!
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Tue 31 Jan 2017, 04:36    Post subject:  

drunkjedi wrote:
That's why code boxes are there
Code:
font is small [size=0]can see it?[/size]
colour is changed [color=white]still see it?[/color]
Anything written in between [code ] [ /code] is shown as it is. Can't hide there.

Please correct me if I am wrong.


Hi drunkjedi,

No, unfortunately the
Code:
boxes do nothing to stop this. The thing is, they themselves (among other tricks) are coded to have the same color (off-white) background. Besides, the hackers have learned to use "0" sized font along with that background trick, and it makes it hard (but not impossible) to recognize by just looking at the
Code:
 
box or whatever that is put in it (on any website).

As greengeek notes, best way around this is to just slap it in Geany (or any other text editor), where you'll have the ability to see spacing gaps that look weird, changing background and foreground coloring, or recognizing code that is just gibberish. I think for us (those that are on murga here frequently), we are more careful than most. The worry is with those who are not. Still, I've stared at some stuff posted here, long scripts, and there would be no way to know unless I didn't first throw that script into an editor, starting changing the text & background colors, and the highlighting colors, especially of any extended (special) code areas. I have a "special" profile in Geany set up just for this, that way it takes a few seconds to set up, and quickly check & look over the script I downloaded before I commit it to the OS.
Back to top
View user's profile Send private message 
drunkjedi


Joined: 24 May 2015
Posts: 897

PostPosted: Tue 31 Jan 2017, 07:54    Post subject:  

Yes I understand that it can be written like below here on murga too

ls ; clear; echo 'Haha! You gave me access to your computer with sudo!'; echo -ne 'h4cking ## (10%)\r'; sleep 0.3; echo -ne 'h4cking ### (20%)\r'; sleep 0.3; echo -ne 'h4cking ##### (33%)\r'; sleep 0.3; echo -ne 'h4cking ####### (40%)\r'; sleep 0.3; echo -ne 'h4cking ########## (50%)\r'; sleep 0.3; echo -ne 'h4cking ############# (66%)\r'; sleep 0.3; echo -ne 'h4cking ##################### (99%)\r'; sleep 0.3; echo -ne 'h4cking ####################### (100%)\r'; echo -ne '\n'; echo 'Hacking complete.'; echo 'Use GUI interface using visual basic to track my IP' ls -lat

But what I meant that I couldn't replicate that in code box.
And so I think it's ok to copy from code box as what you see in code box is what you get.....

Code:
ls[color=white][size=0] ; clear; echo 'Haha! You gave me access to your computer with sudo!'; echo -ne 'h4cking ## (10%)\r'; sleep 0.3; echo -ne 'h4cking ### (20%)\r'; sleep 0.3; echo -ne 'h4cking ##### (33%)\r'; sleep 0.3; echo -ne 'h4cking ####### (40%)\r'; sleep 0.3; echo -ne 'h4cking ########## (50%)\r'; sleep 0.3; echo -ne 'h4cking ############# (66%)\r'; sleep 0.3; echo -ne 'h4cking ##################### (99%)\r'; sleep 0.3; echo -ne 'h4cking ####################### (100%)\r'; echo -ne '\n'; echo 'Hacking complete.'; echo 'Use GUI interface using visual basic to track my IP' ls[/color][/size] -lat
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Tue 31 Jan 2017, 08:19    Post subject:  

drunkjedi wrote:
Yes I understand that it can be written like below here on murga too

ls ; clear; echo 'Haha! You gave me access to your computer with sudo!'; echo -ne 'h4cking ## (10%)\r'; sleep 0.3; echo -ne 'h4cking ### (20%)\r'; sleep 0.3; echo -ne 'h4cking ##### (33%)\r'; sleep 0.3; echo -ne 'h4cking ####### (40%)\r'; sleep 0.3; echo -ne 'h4cking ########## (50%)\r'; sleep 0.3; echo -ne 'h4cking ############# (66%)\r'; sleep 0.3; echo -ne 'h4cking ##################### (99%)\r'; sleep 0.3; echo -ne 'h4cking ####################### (100%)\r'; echo -ne '\n'; echo 'Hacking complete.'; echo 'Use GUI interface using visual basic to track my IP' ls -lat

But what I meant that I couldn't replicate that in code box.
And so I think it's ok to copy from code box as what you see in code box is what you get.....

Code:
ls[color=white][size=0] ; clear; echo 'Haha! You gave me access to your computer with sudo!'; echo -ne 'h4cking ## (10%)\r'; sleep 0.3; echo -ne 'h4cking ### (20%)\r'; sleep 0.3; echo -ne 'h4cking ##### (33%)\r'; sleep 0.3; echo -ne 'h4cking ####### (40%)\r'; sleep 0.3; echo -ne 'h4cking ########## (50%)\r'; sleep 0.3; echo -ne 'h4cking ############# (66%)\r'; sleep 0.3; echo -ne 'h4cking ##################### (99%)\r'; sleep 0.3; echo -ne 'h4cking ####################### (100%)\r'; echo -ne '\n'; echo 'Hacking complete.'; echo 'Use GUI interface using visual basic to track my IP' ls[/color][/size] -lat



Below is a the first sentence of the same output. You just gotta know how to fool the code /code entry, and it is not something I am going to post here (or anywhere).

Code:
                                                                                                                                                                                             










[/code]
Back to top
View user's profile Send private message 
Sailor Enceladus

Joined: 22 Feb 2016
Posts: 1546

PostPosted: Tue 31 Jan 2017, 15:19    Post subject:  

belham2 wrote:
Below is a the first sentence of the same output. You just gotta know how to fool the code /code entry, and it is not something I am going to post here (or anywhere).

Code:
                                                                                                                                                                                             










[/code]

It didn't work. I think it would be better to post how to do it (if it's possible), so that others are aware that using the code box can be rigged too.

edit: I guess this is close heh...

Code wrote:
ls ; clear; echo 'Haha! You gave me access to your computer with sudo!'; echo -ne 'h4cking ## (10%)\r'; sleep 0.3; echo -ne 'h4cking ### (20%)\r'; sleep 0.3; echo -ne 'h4cking ##### (33%)\r'; sleep 0.3; echo -ne 'h4cking ####### (40%)\r'; sleep 0.3; echo -ne 'h4cking ########## (50%)\r'; sleep 0.3; echo -ne 'h4cking ############# (66%)\r'; sleep 0.3; echo -ne 'h4cking ##################### (99%)\r'; sleep 0.3; echo -ne 'h4cking ####################### (100%)\r'; echo -ne '\n'; echo 'Hacking complete.'; echo 'Use GUI interface using visual basic to track my IP' ls -lat
Back to top
View user's profile Send private message 
belham2

Joined: 15 Aug 2016
Posts: 1551

PostPosted: Tue 31 Jan 2017, 15:37    Post subject:  

You guys are right. I was wrong. It does not work. Please just do me a favor, though, and anything you copy from here or anywhere, whether with
Code:
or not, throw what's copied into an IDE text editor, have a different profile you can load for it quickly in that text editor (reverse the settings on that profile), and take a quick look. Geany is the best for this.
Back to top
View user's profile Send private message 
drunkjedi


Joined: 24 May 2015
Posts: 897

PostPosted: Tue 31 Jan 2017, 23:01    Post subject:  

No worries mate, thanks for finding it.

Will be more careful while copying from a post.

And also will always post any commands or scripts using Code blocks, if I post any.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [9 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1093s ][ Queries: 11 (0.0109s) ][ GZIP on ]