[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu Mar 23 15:16:07 2006
From: davek_throwaway at hotmail.com (Dave Korn)
Subject: Re: Re: Re: Links to Google's cache
of626FrSIRTexploits
nocfed wrote:
> Really, do you ``hackers'' really not know howto at least read the
> manpage for wget?
>
> There is no need for any script, only a few switches to wget.
>
> Hint: -e robots=off
Wow! j00 R so 1337! Hint: -e clue=on
Seriously, I truly phj33r your 4w3s0Me!!!one!1 man-page reading skills,
but how could you imagine that switch could possibly make the slightest
difference? robots.txt is enforced (or ignored) by the client. If a server
returns a 403 or doesn't, depending on what UserAgent you specified, then
how could making the client ignore robots.txt somehow magically make the
server not return a 403 when you try to fetch a page?
If you think that a switch that makes no difference to the data going over
the wire could affect the response given to an otherwise identical protocol
request sent back by the server, you must think they're using IP over ESP as
a transport layer. Which rfc was that again?
Or perhaps you just don't understand the first thing about the
client-server model of system architecture. In which case you're in no
position to go around calling other people hackers in sarcastic quote
marks[*].
Anyway, this is a great illustration of the dangers of posting smartarse
replies without actually having TRIED what you claim will work. Let me
*prove* it: here's what happens if you try and wget the list of cached page,
first with no switches, then with -e but no -U, then with -U but no -e.
---------------------------------------<no
options>---------------------------------------
dk@...nbow /artimi/haxx0r/frsirt/test> wget -i list.txt
--14:53:56--
http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
=>
`search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:53:57 ERROR 403: Forbidden.
--14:53:57--
http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
=>
`search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:53:59 ERROR 403: Forbidden.
--14:53:59--
http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
=>
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:54:00 ERROR 403: Forbidden.
--14:54:00--
http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
=>
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.ms-visual-dbp.c.php'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:54:01 ERROR 403: Forbidden.
^C
---------------------------------------<-e>---------------------------------------
dk@...nbow /artimi/haxx0r/frsirt/test> wget -i list.txt -e robots=off
--14:54:12--
http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
=>
`search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:54:13 ERROR 403: Forbidden.
--14:54:13--
http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
=>
`search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:54:15 ERROR 403: Forbidden.
--14:54:15--
http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
=>
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:54:16 ERROR 403: Forbidden.
--14:54:16--
http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
=>
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.ms-visual-dbp.c.php'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:54:17 ERROR 403: Forbidden.
--14:54:17--
http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.libtiff_exploit.c.php
=>
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.libtiff_exploit.c.php'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
14:54:18 ERROR 403: Forbidden.
^C
---------------------------------------<-U>---------------------------------------
dk@...nbow /artimi/haxx0r/frsirt/test> wget -i list.txt -U 'nocfed is
talking a steaming great heap of n3td3v LOL LOL LOL'
--15:04:32--
http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
=>
`search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
[ <=> ] 25,213 49.24K/s
15:04:33 (49.24 KB/s) -
`search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
saved [25213]
--15:04:33--
http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
=>
`search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
[ <=> ] 5,294 --.--K/s
15:04:34 (36.93 KB/s) -
`search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
saved [5294]
--15:04:34--
http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
=>
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
[ <=> ] 24,847 45.70K/s
15:04:35 (45.70 KB/s) -
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
saved [24847]
--15:04:35--
http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
=>
`search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.ms-visual-dbp.c.php'
Connecting to 72.14.203.104:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
[ <=> ] 25,855 40.40K/s
^C
---------------------------------------<snip>---------------------------------------
cheers,
DaveK
[*] - What a perfect example this is of the difference between sarcasm and
irony:
- nocfed calling us ``hackers" in scare-quotes - that's sarcasm.
- nocfed getting /everything/ so massively wrong in his sarcastic response:
*that's* irony.
--
Can't think of a witty .sigline today....
Powered by blists - more mailing lists