[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <814b9d50603230728l23cc2e81m92cc2d44ce292e4d@mail.gmail.com>
Date: Thu Mar 23 15:29:01 2006
From: str0ke at milw0rm.com (str0ke)
Subject: Re: Re: Re: Links to Google's cache
of626FrSIRTexploits
Is it possible we can get this wget'ing artwork incorporated with the
korn shell?
/str0ke
On 3/23/06, Dave Korn <davek_throwaway@...mail.com> wrote:
> nocfed wrote:
> > Really, do you ``hackers'' really not know howto at least read the
> > manpage for wget?
> >
> > There is no need for any script, only a few switches to wget.
> >
> > Hint: -e robots=off
>
> Wow! j00 R so 1337! Hint: -e clue=on
>
> Seriously, I truly phj33r your 4w3s0Me!!!one!1 man-page reading skills,
> but how could you imagine that switch could possibly make the slightest
> difference? robots.txt is enforced (or ignored) by the client. If a server
> returns a 403 or doesn't, depending on what UserAgent you specified, then
> how could making the client ignore robots.txt somehow magically make the
> server not return a 403 when you try to fetch a page?
>
> If you think that a switch that makes no difference to the data going over
> the wire could affect the response given to an otherwise identical protocol
> request sent back by the server, you must think they're using IP over ESP as
> a transport layer. Which rfc was that again?
>
> Or perhaps you just don't understand the first thing about the
> client-server model of system architecture. In which case you're in no
> position to go around calling other people hackers in sarcastic quote
> marks[*].
>
> Anyway, this is a great illustration of the dangers of posting smartarse
> replies without actually having TRIED what you claim will work. Let me
> *prove* it: here's what happens if you try and wget the list of cached page,
> first with no switches, then with -e but no -U, then with -U but no -e.
>
> ---------------------------------------<no
> options>---------------------------------------
>
> dk@...nbow /artimi/haxx0r/frsirt/test> wget -i list.txt
> --14:53:56--
> http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
> =>
> `search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:53:57 ERROR 403: Forbidden.
>
> --14:53:57--
> http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
> =>
> `search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:53:59 ERROR 403: Forbidden.
>
> --14:53:59--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
> =>
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:00 ERROR 403: Forbidden.
>
> --14:54:00--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
> =>
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.ms-visual-dbp.c.php'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:01 ERROR 403: Forbidden.
> ^C
> ---------------------------------------<-e>---------------------------------------
>
> dk@...nbow /artimi/haxx0r/frsirt/test> wget -i list.txt -e robots=off
> --14:54:12--
> http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
> =>
> `search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:13 ERROR 403: Forbidden.
>
> --14:54:13--
> http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
> =>
> `search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:15 ERROR 403: Forbidden.
>
> --14:54:15--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
> =>
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:16 ERROR 403: Forbidden.
>
> --14:54:16--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
> =>
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.ms-visual-dbp.c.php'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:17 ERROR 403: Forbidden.
>
> --14:54:17--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.libtiff_exploit.c.php
> =>
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.libtiff_exploit.c.php'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:18 ERROR 403: Forbidden.
> ^C
> ---------------------------------------<-U>---------------------------------------
>
> dk@...nbow /artimi/haxx0r/frsirt/test> wget -i list.txt -U 'nocfed is
> talking a steaming great heap of n3td3v LOL LOL LOL'
> --15:04:32--
> http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
> =>
> `search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: unspecified [text/html]
>
> [ <=> ] 25,213 49.24K/s
>
> 15:04:33 (49.24 KB/s) -
> `search@...ache%3AHG1c4HzNGuYJ%3Awww.frsirt.com%2Fexploits%2F20050621.p33r-b33r.c.php+site%3Afrsirt.com+p33r&hl=en&ct=clnk&cd=2'
> saved [25213]
>
> --15:04:33--
> http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
> =>
> `search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: unspecified [text/html]
>
> [ <=> ] 5,294 --.--K/s
>
> 15:04:34 (36.93 KB/s) -
> `search@...ache%3AmI8fMz47MSQJ%3Awww.frsirt.com%2Fexploits%2F20060226.sco-root-exploit.c.php+site%3Afrsirt.com+prdelka&hl=en&ct=clnk&cd=1'
> saved [5294]
>
> --15:04:34--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
> =>
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: unspecified [text/html]
>
> [ <=> ] 24,847 45.70K/s
>
> 15:04:35 (45.70 KB/s) -
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060307.revilloc.pl.php'
> saved [24847]
>
> --15:04:35--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
> =>
> `search@...ache%3Ahttp%3A%2F%2Fwww.frsirt.com%2Fexploits%2F20060305.ms-visual-dbp.c.php'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: unspecified [text/html]
>
> [ <=> ] 25,855 40.40K/s
> ^C
> ---------------------------------------<snip>---------------------------------------
>
> cheers,
> DaveK
>
> [*] - What a perfect example this is of the difference between sarcasm and
> irony:
> - nocfed calling us ``hackers" in scare-quotes - that's sarcasm.
> - nocfed getting /everything/ so massively wrong in his sarcastic response:
> *that's* irony.
> --
> Can't think of a witty .sigline today....
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Powered by blists - more mailing lists