Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
"could I get admin privileges to reboot this server?"
Sounds valid enough, right?
OH YEAH SURE, YOU'RE A TINY USER ON A HUGE ASS SHARED SERVER, OF COURSE I'LL GIVE YOU ROOT ACCESS TO REBOOT THE WHOLE FUCKING SERVER.
Worst part, he didn't understand why that would be weird.
Can I buy a little common sense somewhere for this guy?27 -
A wild Darwin Award nominee appears.
Background: Admins report that a legacy nightly update process isn't working. Ticket actually states problem is obviously in "the codes."
Scene: Meeting with about 20 people to triage the issue (blamestorming)
"Senior" Admin: "update process not working, the file is not present"
Moi: "which file?"
SAdmin: "file that is in ticket, EPN-1003"
Moi: "..." *grumbles, plans murder, opens ticket*
...
Moi: "The config dotfile is missing?"
SAdmin: "Yes, file no there. Can you fix?"
Moi: "Engineers don't have access to the production system. Please share your screen"
SAdmin: "ok"
*time passes, screen appears*
Moi: "ls the configuration dir"
SAdmin: *fails in bash* > ls
*computer prints*
> ls
_.legacyjobrc
Moi: *sees issues, blood pressure rises* "Please run list all long"
SAdmin: *fails in bash, again* > ls ?
Moi: *shakes* "ls -la"
SAdmin: *shonorable mention* > ls -la
*computer prints*
> ls -la
total 1300
drwxrwxrwx- 18 SAdmin {Today} -- _.legacyjobrc
Moi: "Why did you rename the config file?"
SAdmin: "Nothing changed"
Moi: "... are you sure?"
SAdmin: "No, changed nothing."
Moi: "Is the job running as your account for some reason?"
SAdmin: "No, job is root"
Moi: *shares screenshot of previous ls* This suggests your account was likely used to rename the dotfile, did you share your account with anyone?
SAdmin: "No, I rename file because could not see"
Moi: *heavy seething* so, just to make sure I understand, you renamed a dotfile because you couldn't see it in the terminal with ls?
SAdmin: "No, I rename file because it was not visible, now is visible"
Moi: "and then you filed a ticket because the application stopped working after you renamed the configuration file? You didn't think there might be a correlation between those two things?"
SAdmin: "yes, it no work"
Interjecting Director: "How did no one catch this? Why were there no checks, and why is there no user interface to configure this application? When I was writing applications I cared about quality"
Moi: *heavy seething*
IDjit: "Well? Anyone? How are we going to fix this"
Moi: "The administrative team will need to rename the file back to its original name"
IDjit: "can't the engineering team do this?!"
Moi: "We could, but it's corporate policy that we have no access to those environments"
IDjit: "Ok, what caused this issue in the first place? How did it get this way?!"
TFW you think you've hit the bottom of idiocy barrel, and the director says, "hold my mango lassi."27 -
terms can only be use in programming: -
Where friends have access to your private parts,
Where Parents may kill their child if required,
Where Bugs come in from open windows,
Where one image is worth 128K words,
Where 10 == 2,
Where Zombies are common and not dangerous *,
Where Daemons are always there somewhere
Where the slimmest of USB drives are considered FAT *,
Where comments are made and arguments are passed, **
Where forever alone nerds can also unzip, touch, mount and fsck ***,
Where root is top of the tree,
Where x = x + y is totally correct,
Where opening a jar requires Java,
Where Oct 31 = Dec 25,
Thanks to ASHISH KEDIA for writing these.
Source :- Quora4 -
Funny story about the first time two of my servers got hacked. The fun part is how I noticed it.
So I purchased two new vps's for proxy server goals and thought like 'I can setup fail2ban tomorrow, I'll be fine.'
Next day I wanted to install NginX so I ran the command and it said that port 80 was already in use!
I was sitting there like no that's not possible I didn't install any server software yet. So I thought 'this can't be possible' but I ran 'pidof apache2' just to confirm. It actually returned a PID! It was a barebones Debian install so I was sure it was not installed yet by ME. Checked the auth logs and noticed that an IP address had done a huge brute force attack and managed to gain root access. Simply reinstalled debian and I put fail2ban on it RIGHT AWAY.
Checked about two seconds later if anyone tried to login again (iptables -L and keep in mind that fail2ban's default config needs six failed attempts within I think five minutes to ban an ip) and I already saw that around 8-10 addresses were banned.
Was pretty shaken up but damn I learned my lesson!8 -
I’m kind of pissy, so let’s get into this.
My apologies though: it’s kind of scattered.
Family support?
For @Root? Fucking never.
Maybe if I wanted to be a business major my mother might have cared. Maybe the other one (whom I call Dick because fuck him, and because it’s accurate) would have cared if I suddenly wanted to become a mechanic. But in both cases, I really doubt it. I’d probably just have been berated for not being perfect, or better at their respective fields than they were at 3x my age.
Anyway.
Support being a dev?
Not even a little.
I had hand-me-down computers that were outmoded when they originally bought them: cutting-edge discount resale tech like Win95, 33/66mhz, 404mb hd. It wouldn’t even play an MP3 without stuttering.
(The only time I had a decent one is when I built one for myself while in high school. They couldn’t believe I spent so much money on what they saw as a silly toy.)
Using a computer for anything other than email or “real world” work was bad in their eyes. Whenever I was on the computer, they accused me of playing games, and constantly yelled at me for wasting my time, for rotting in my room, etc. We moved so often I never had any friends, and they were simply awful to be around, so what was my alternative? I also got into trouble for reading too much (seriously), and with computers I could at least make things.
If they got mad at me for any (real or imagined) reason (which happened almost every other day) they would steal my things, throw them out, or get mad and destroy them. Desk, books, decorations, posters, jewelry, perfume, containers, my chair, etc. Sometimes they would just steal my power cables or network cables. If they left the house, they would sometimes unplug the internet altogether, and claim they didn’t know why it was down. (Stealing/unplugging cables continued until I was 16.) If they found my game CDs, those would disappear, too. They would go through my room, my backpack and its notes/binders/folders/assignments, my closet, my drawers, my journals (of course my journals), and my computer, too. And if they found anything at all they didn’t like, they would confront me about it, and often would bring it up for months telling me how wrong/bad I was. Related: I got all A’s and a B one year in high school, and didn’t hear the end of it for the entire summer vacation.
It got to the point that I invented my own language with its own vocabulary, grammar, and alphabet just so I could have just a little bit of privacy. (I’m still fluent in it.) I would only store everything important from my computer on my only Zip disk so that I could take it to school with me every day and keep it out of their hands. I was terrified of losing all of my work, and carrying a Zip disk around in my backpack (with no backups) was safer than leaving it at home.
I continued to experiment and learn whatever I could about computers and programming, and also started taking CS classes when I reached high school. Amusingly, I didn’t even like computers despite all of this — they were simply an escape.
Around the same time (freshman in high school) I was a decent enough dev to actually write useful software, and made a little bit of money doing that. I also made some for my parents, both for personal use and for their businesses. They never trusted it, and continually trashtalked it. They would only begrudgingly use the business software because the alternatives were many thousands of dollars. And, despite never ever having a problem with any of it, they insisted I accompany them every time, and these were often at 3am. Instead of being thankful, they would be sarcastically amazed when nothing went wrong for the nth time. Two of the larger projects I made for them were: an inventory management system that interfaced with hand scanners (VB), and another inventory management system for government facility audits (Access). Several websites, too. I actually got paid for the Access application thanks to a contract!
To put this into perspective, I was selected to work on a government software project about a year later, while still in high school. That didn’t impress them, either.
They continued to see computers as a useless waste of time, and kept telling me that I would be unemployable, and end up alone.
When they learned I was dating someone long-distance, and that it was a she, they simply took my computer and didn’t let me use it again for six months. Really freaking hard to do senior projects without a computer. They begrudgingly allowed me to use theirs for schoolwork, but it had a fraction of the specs — and some projects required Flash, which the computer could barely run.
Between the constant insults, yelling, abuse (not mentioned here), total lack of privacy, and the theft, destruction, etc. I still managed to teach myself about computers and programming.
In short, I am a dev despite my parents’ best efforts to the contrary.30 -
Fleksy keyboard: We don't access your private information and upload it to the cloud!
No, because I'm blocking your Internet access through a fucking root firewall.10 -
My previous employer still (contractually) owes me $5k. I still have push access to the repo and prod servers. Should I add a reminder to the admin dashboard? (After yet another email reminder, ofc.)
I could also mail him an invoice, since I have his addresses. Then again, it has been about a year since I was supposed to receive it, so maybe I'll just file a lawsuit. 🙄
Should @Root sue her ex-boss?37 -
Happened on my first day in internship :
Me: Hey, I'm not allowed to install anything, could you install me Sublime Text?
Boss: yeah sure, hold on, I'm granting you admin rights
Me: ...9 -
Hey, Root? How do you test your slow query ticket, again? I didn't bother reading the giant green "Testing notes:" box on the ticket. Yeah, could you explain it while I don't bother to listen and talk over you? Thanks.
And later:
Hey Root. I'm the DBA. Could you explain exactly what you're doing in this ticket, because i can't understand it. What are these new columns? Where is the new query? What are you doing? And why? Oh, the ticket? Yeah, I didn't bother to read it. There was too much text filled with things like implementation details, query optimization findings, overall benchmarking results, the purpose of the new columns, and i just couldn't care enough to read any of that. Yeah, I also don't know how to find the query it's running now. Yep, have complete access to the console and DB and query log. Still can't figure it out.
And later:
Hey Root. We pulled your urgent fix ticket from the release. You know, the one that SysOps and Data and even execs have been demanding? The one you finished three months ago? Yep, the problem is still taking down production every week or so, but we just can't verify that your fix is good enough. Even though the changes are pretty minimal, you've said it's 8x faster, and provided benchmark findings, we just ... don't know how to get the query it's running out of the code. or how check the query logs to find it. So. we just don't know if it's good enough.
Also, we goofed up when deploying and the testing database is gone, so now we can't test it since there are no records. Nevermind that you provided snippets to remedy exactly scenario in the ticket description you wrote three months ago.
And later:
Hey Root: Why did you take so long on this ticket? It has sat for so long now that someone else filed a ticket for it, with investigation findings. You know it's bringing down production, and it's kind of urgent. Maybe you should have prioritized it more, or written up better notes. You really need to communicate better. This is why we can't trust you to get things out.
*twitchy smile*21 -
[This makes me sound really bad at first, please read the whole thing]
Back when I first started freelancing I worked for a client who ran a game server hosting company. My job was to improve their system for updating game servers. This was one of my first clients and I didn't dare to question the fact that he was getting me to work on the production environment as they didn't have a development one setup. I came to regret that decision when out of no where during the first test, files just start deleting. I panicked as one would and tried to stop the webserver it was running on but oh no, he hasn't given me access to any of that. I thought well shit, I might as well see where I fucked up since it was midnight for him and I wasn't able to get a hold of him. I looked at every single line hundreds of times trying to see why it would have started deleting files. I found no cause. Exhausted, (This was 6am by this point) I pretty much passed out. I woke up around 5 hours later with my face on my keyboard (I know you've all done that) only to see a good 30 messages from the client screaming at me. It turns out that during that time every single client's game server had been deleted. Before responding and begging for forgiveness, I decided to take another crack at finding the root of the problem. It wasn't my fault. I had found the cause! It turns out a previous programmer had a script that would run "rm -rf" + (insert file name here) on the old server files, only he had fucked up the line and it would run "rm -rf /". I have never felt more relieved in my life. This script had been disabled by the original programmer but the client had set it to run again so that I could remake the system. Now, I was never told about this specific script as it was for a game they didn't host anymore.
I realise this is getting very long so I'll speed it up a bit.
He didn't want to take the blame and said I added the code and it was all my fault. He told me I could be on live chat support for 3 months at his company or pay $10,000. Out of all of this I had at least made sure to document what I was doing and backup every single file before I touched them which managed to save my ass when it came to him threatening legal action. I showed him my proof which resulted in him trying to guilt trip me to work for him for free as he had lost about 80% of his clients. By this point I had been abused constantly for 4 weeks by this son of a bitch. As I was underage he had said that if we went to court he'd take my parents house and make them live on the street. So how does one respond? A simple "Fuck off you cunt" and a block.
That was over 8 years ago and I haven't heard from him since.
If you've made it this far, congrats, you deserve a cookie!6 -
The first time I decided to hack around a bit:D
One of my teachers made a quiz software, which is only used by him(his lectures are about databases), and it is highly unsecure. When I heard that it is written in C# I decided to look in it's source code. The biggest problem I ran into: this program is only available on the computers in his classroom, and he monitors the computers display. However, I successfully put it into my pendrive without getting caught.
So when I got home, I just had to use a .NET decompiler(in this case: dotPeek) to get the fully functional source code. The basic function of the program was to download a quiz from his database server, and when it was finished, grade it client-side. Than, I realized how bad it was: It contains the number of questions, the number of correct and incorrect answers.
I've just made a modified .exe, which contained really little modification(like correctAnswers=maxQuestions, incorrectAnswers=0). Everything looks the same, you just have to click over it, and everytime it will return with 100%.
And the bonus: The program connects to the database as a user with root access, and without password. I was able to log in, download(dropping was available too, but didn't try) databases(with all the answers) and so on.
Never had to use it though, it was just a sort-of experience gaining.:)6 -
Got my front end friend (also my irl best friend) to agree on me setting up a vm/vps on one of my dedi's with a sub domain so he can learn to work with servers.
He agreed on me leaving root access for myself in case he couldn't figure something out and I (a Linux server engineer myself) would have to help him out.
He seemed so excited, will set this up when I get home 😊6 -
One comment from @Fast-Nop made me remember something I had promised myself not to. Specifically the USB thing.
So there I was, Lieutenant Jr at a warship (not the one my previous rants refer to), my main duties as navigation officer, and secondary (and unofficial) tech support and all-around "computer guy".
Those of you who don't know what horrors this demonic brand pertains to, I envy you. But I digress. In the ship, we had Ethernet cabling and switches, but no DHCP, no server, not a thing. My proposition was shot down by the CO within 2 minutes. Yet, we had a curious "network". As my fellow... colleagues had invented, we had something akin to token ring, but instead of tokens, we had low-rank personnel running around with USB sticks, and as for "rings", well, anyone could snatch up a USB-carrier and load his data and instructions to the "token". What on earth could go wrong with that system?
What indeed.
We got 1 USB infected with a malware from a nearby ship - I still don't know how. Said malware did the following observable actions(yes, I did some malware analysis - As I said before, I am not paid enough):
- Move the contents on any writeable media to a folder with empty (or space) name on that medium. Windows didn't show that folder, so it became "invisible" - linux/mac showed it just fine
- It created a shortcut on the root folder of said medium, right to the malware. Executing the shortcut executed the malware and opened a new window with the "hidden" folder.
Childishly simple, right? If only you knew. If only you knew the horrors, the loss of faith in humanity (which is really bad when you have access to munitions, explosives and heavy weaponry).
People executed the malware ON PURPOSE. Some actually DISABLED their AV to "access their files". I ran amok for an entire WEEK to try to keep this contained. But... I underestimated the USB-token-ring-whatever protocol's speed and the strength of a user's stupidity. PCs that I cleaned got infected AGAIN within HOURS.
I had to address the CO to order total shutdown, USB and PC turnover to me. I spent the most fun weekend cleaning 20-30 PCs and 9 USBs. What fun!
What fun, morons. Now I'll have nightmares of those days again.9 -
Just had a fucking god-mode moment.
My dear @Divisionbyzero asked me to help out with DKIM on his Linux server.
Although I'd never done it before, with the help of a search engine and root access to the server, I managed to somehow figure out what was going wrong and fix it.
This is quite deeper than I ever went with debugging!
Also a big thanks to Linux for being open, otherwise I'd be fucking fucked right now.7 -
Worst thing you've seen another dev do? So many things. Here is one...
Lead web developer had in the root of their web application config.txt (ex. http://OurPublicSite/config.txt) that contained passwords because they felt the web.config was not secure enough. Any/all applications off of the root could access the file to retrieve their credentials (sql server logins, network share passwords, etc)
When I pointed out the security flaw, the developer accused me of 'hacking' the site.
I get called into the vice-president's office which he was 'deeply concerned' about my ethical behavior and if we needed to make any personnel adjustments (grown-up speak for "Do I need to fire you over this?")
Me:"I didn't hack anything. You can navigate directly to the text file using any browser."
Dev: "Directory browsing is denied on the root folder, so you hacked something to get there."
Me: "No, I knew the name of the file so I was able to access it just like any other file."
Dev: "That is only because you have admin permissions. Normal people wouldn't have access"
Me: "I could access it from my home computer"
Dev:"BECAUSE YOU HAVE ADMIN PERMISSIONS!"
Me: "On my personal laptop where I never had to login?"
VP: "What? You mean ...no....please tell me I heard that wrong."
Dev: "No..no...its secure....no one can access that file."
<click..click>
VP: "Hmmm...I can see the system administration password right here. This is unacceptable."
Dev: "Only because your an admin too."
VP: "I'll head home over lunch and try this out on my laptop...oh wait...I left it on...I can remote into it from here"
<click..click..click..click>
VP: "OMG...there it is. That account has access to everything."
<in an almost panic>
Dev: "Only because it's you...you are an admin...that's what I'm trying to say."
Me: "That is not how our public web site works."
VP: "Thank you, but Adam and I need to discuss the next course of action. You two may go."
<Adam is her boss>
Not even 5 minutes later a company wide email was sent from Adam..
"I would like to thank <Dev> for finding and fixing the security flaw that was exposed on our site. She did a great job in securing our customer data and a great asset to our team. If you see <Dev> in the hallway, be sure to give her a big thank you!"
The "fix"? She moved the text file from the root to the bin directory, where technically, the file was no longer publicly visible.
That 'pattern' was used heavily until she was promoted to upper management and the younger webdev bucks (and does) felt storing admin-level passwords was unethical and found more secure ways to authenticate.5 -
Root rents an office.
Among very few other things, the company I'm renting an office from (Regus) provides wifi, but it isn't even bloody secured. There's a captive portal with a lovely (not.) privacy policy saying they're free to monitor your traffic, but they didn't even bother using WEP, which ofc means everyone else out to the fucking parking lot four floors down can monitor my traffic, too.
Good thing I don't work for a company that handles sensitive data! /s But at least I don't have access to it, or any creds that matter.
So, I've been running my phone's connection through a tor vpn and sharing that with my lappy. It works, provides a little bit of security, but it's slow as crap. GET YOUR SHIT TOGETHER, REGUS.
AND WHILE YOU'RE AT IT, CLEAN THE SHIT OUT OF THE FUCKING BATHROOM FFS.
Ugh. $12/day to work in a freaking wind tunnel (thanks, a/c; you're loud as fuck and barely work), hear other people's phone conversations through two freaking walls, pee in a bathroom that perpetually smells like diarrhea, and allow anyone and everyone within a 50+ meter radius to listen to everything my computer says.
Oh, they also 'forgot' to furnish my office, like they promised. Three freaking times. At least I have a table and chair. 🙄
Desk? What desk?
Fucking hell.20 -
Just found out that the generic router that our ISP gave us, which we use at work, has a port you can telnet into to get shell access with root privileges.
12 -
The last year my school installed MagicBoards (whiteboard with beamer that responses to touch) in every class room and called itself "ready for the future of media". What they also got is A FUCKING LOW SPEC SERVER RUNNING DEBIAN 6 W/O ANY UPDATES SINCE 2010 WHICH IS DYING CONSTANTLY.
As I'm a nice person I asked the 65 y/o technician (who is also my physics teacher) whether I could help updating this piece of shit.
Teacher: "Naahh, we don't have root access to the server and also we'll get a new company maintaining our servers in two years. And even if we would have the root access, we can't give that to a student."
My head: "Two. Years. TWO YEARS?! ARE YOU FUCKING KIDDING ME YOU RETARDED PIECE OF SHIT?! YOU'RE TELLING ME YOU DON'T HAVE TO INSTALL UPDATES EVEN THOUGH YOU CREATE AN SSH USER FOR EVERY FUCKING STUDENT SO THEY CAN LOGIN USING THEIR BIRTH DATE?! DID YOU EVER HEAR ABOUT SECURITY VULNERABILITIES IN YOUR LITTLE MISERABLE LIFE OR SOUNDS 'CVE-2016-5195' LIKE RANDOM LETTERS AND NUMBERS TO YOU?! BECAUSE - FUNFACT - THERE ARE TEN STUDENTS WHO ARE IN THE SUDO GROUP IF YOU EVEN KNOW WHAT THAT IS!"
Me (because I want to keep my good grades): "Yes, that sounds alright."13 -
The gift that keeps on giving... the Custom CMS Of Doom™
I've finally seen enough evidence why PHP has such a bad reputation to the point where even recruiters recommended me to remove my years of PHP experience from the CV.
The completely custom CMS written by company <redacted>'s CEO and his slaves features the following:
- Open for SQL injection attacks
- Remote shell command execution through URL query params
- Page-specific strings in most core PHP files
- Constructors containing hundreds of lines of code (mostly used to initialize the hundreds of properties
- Class methods containing more than 1000 lines of code
- Completely free of namespaces or package managers (uber elite programmers use only the root namespace)
- Random includes in any place imaginable
- Methods containing 1 line: the include of the file which contains the method body
- SQL queries in literally every source file
- The entrypoint script is in the webroot folder where all the code resides
- Access to sensitive folders is "restricted" by robots.txt 🤣🤣🤣🤣
- The CMS has its own crawler which runs by CRONjob and requests ALL HTML links (yes, full content, including videos!) to fill a database of keywords (I found out because the server traffic was >500 GB/month for this small website)
- Hundreds of config settings are literally defined by "define(...)"
- LESS is transpiled into CSS by PHP on requests
- .......
I could go on, but yes, I've seen it all now.12 -
It were around 1997~1998, I was on middle school. It was a technical course, so we had programing languages classes, IT etc.
The IT guy of our computer lab had been replaced and the new one had blocked completely the access on the computers. We had to make everything on floppy disks, because he didn't trusted us to use the local hard disk. Our class asked him to remove some of the restrictions, but he just ignored us. Nobody liked that guy. Not us, not the teachers, not the trainees at the lab.
Someday a friend and me arrived a little bit early at the school. We gone to the lab and another friend that was a trainee on the lab (that is registered here, on DevRant) allowed us to come inside. We had already memorized all the commands. We crawled in the dark lab to the server. Put a ms dos 5.3 boot disk with a program to open ntfs partitions and without turn on the computer monitor, we booted the server.
At that time, Windows stored all passwords in an encrypted file. We knew the exact path and copied the file into the floppy disk.
To avoid any problems with the floppy disk, we asked the director of the school to get out just to get a homework we theorically forgot at our friends house that was on the same block at school. We were not lying at all. He really lived there and he had the best computer of us.
The decrypt program stayed running for one week until it finds the password we did want: the root.
We came back to the lab at the class. Logged in with the root account. We just created another account with a generic name but the same privileges as root. First, we looked for any hidden backup at network and deleted. Second, we were lucky: all the computers of the school were on the same network. If you were the admin, you could connect anywhere. So we connected to a "finance" computer that was really the finances and we could get lists of all the students with debits, who had any discount etc. We copied it to us case we were discovered and had to use anything to bargain.
Now the fun part: we removed the privileges of all accounts that were higher than the trainee accounts. They had no access to hard disks anymore. They had just the students privileges now.
After that, we changed the root password. Neither we knew it. And last, but not least, we changed the students login, giving them trainee privileges.
We just deleted our account with root powers, logged in as student and pretended everything was normal.
End of class, we went home. Next day, the lab was closed. The entire school (that was school, mid school and college at the same place) was frozen. Classes were normal, but nothing more worked. Library, finances, labs, nothing. They had no access anymore.
We celebrated it as it were new years eve. One of our teachers came to us saying congratulations, as he knew it had been us. We answered with a "I don't know what are you talking about". He laughed and gone to his class.
We really have fun remembering this "adventure". :)
PS: the admin formatted all the servers to fix the mess. They had plenty of servers.4 -
Boss: agrees to unreasonable deadlines.
Team: misses deadlines because they're unreasonable.
Boss: "you just don't understand how important the deadline is"
He legit thinks the only reason we fall behind, is because we dont care. Not because we're doing stuff that hasn't been done before, and need to tech ourselves everything as we go.
Also, he's not a programmer, he's a salesman... and he runs the company like one too.
Anyone looking to hire a VR/AR developer?5 -
Boss: Hey, remember that app you made that was supposed to be purely for demonstration purposes?
Me: The one that we hard coded to get done in a week? Yea, why?
Boss: Here are some changes we need done for the next meeting.
Me:...1 -
It was fucking weird when our teacher in web programming class told to make a PHP page but he forgot to give us root access to Apache server and most importantly more than half of the class didn't know what the fuck a web server was and what is Apache.
Rest in peace college degree.1 -
I'm editing the sidebar on one of our websites, and shuffling some entries. It involves moving some entries in/out of a dropdown and contextual sidebars, in/out of submenus, etc. It sounds a little tedious but overall pretty trivial, right?
This is day three.
I learned React+Redux from scratch (and rebuilt the latter for fun) in twice that long.
In my defense, I've been working on other tasks (see: Alerts), but mostly because I'd rather gouge my freaking eyes out than continue on this one.
Everything that could be wrong about this is. Everything that could be over-engineered is. Everything that could be written worse... can't, actually; it's awful.
Major grievances:
1) The sidebars (yes, there are several) are spread across a ridiculous number of folders. I stopped counting at 20.
2) Instead of icon fonts, this uses multiple images for entry states.
3) The image filenames don't match the menu entry names. at all. ("sb_gifts.png" -> orders); active filenames are e.g. "sb_giftsactive.png"
4) The actions don't match the menu entry names.
5) Menu state is handled within the root application controller, and doesn't use bools, but strings. (and these state flags never seem to get reset anywhere...)
6) These strings are used to construct the image filenames within the sidebar views/partials.
7) Sometimes access restrictions (employee, manager, etc.) are around the individual menu entries, sometimes they're around a partial include, meaning it's extremely difficult to determine which menu entries/sections/subsections are permission-locked without digging through everything.
8) Within different conditionals there are duplicate blocks markup, with duplicate includes, that end up render different partials/markup due to different state.
9) There are parent tags outside of includes, such as `<ul>#{render 'horrific-eye-stabbing'}</ul>`
10) The markup differs per location: sometimes it's a huge blob of non-semantic filthiness, sometimes it's a simple div+span. Example filth: section->p->a->(img,span) ... per menu entry.
11) In some places, the markup is broken, e.g. `<li><u>...</li></u>`
12) In other places, markup is used for layout adjustments, such as an single nested within several divs adorned with lots of styles/classes.
13) Per-device layouts are handled, not within separate views, but by conditionally enabling/disabling swaths of markup, e.g. (if is_cordova_session?).
14) `is_cordova_session` in particular is stored within a cookie that does not expire, and within your user session. disabling it is annoying and very non-obvious. It can get set whether or not you're using cordova.
15) There are virtually no stylesheets; almost everything is inline (but of course not actually everything), which makes for fun layout debugging.
16) Some of the markup (with inline styling, no less) is generated within a goddamn controller.
17) The markup does use css classes, but it's predominately not for actual styling: they're used to pick out elements within unit tests. An example class name: "hide-for-medium-down"; and no, I can't figure out what it means, even when looking at the tests that use it. There are no styles attached to that particular class.
18) The tests have not been updated for three years, and that last update was an rspec version bump.
19) Mixed tabs and spaces, with mixed indentation level (given spaces, it's sometimes 2, 4, 4, 5, or 6, and sometimes one of those levels consistently, plus an extra space thereafter.)
20) Intentional assignment within conditionals (`if var=possibly_nil_return_value()`)
21) hardcoded (and occasionally incorrect) values/urls.
... and last but not least:
22) Adding a new "menu sections unit" (I still haven't determined what the crap that means) requires changing two constants and writing a goddamn database migration.
I'm not even including minor annoyances like non-enclosed ternaries, poor naming conventions, commented out code, highly inefficient code, a 512-character regex (at least it's even, right?), etc.
just.
what the _fuck_
Who knew a sidebar could be so utterly convoluted?6 -
I've got a confession to make.
A while ago I refurbished this old laptop for someone, and ended up installing Bodhi on it. While I was installing it however, I did have some wicked thoughts..
What if I could ensure that the system remains up-to-date by running an updater script in a daily cron job? That may cause the system to go unstable, but at least it'd be up-to-date. Windows Update for Linux.
What if I could ensure that the system remains protected from malware by periodically logging into it and checking up, and siphoning out potential malware code? The network proximity that's required for direct communication could be achieved by offering them free access to one of my VPN servers, in the name of security or something like that. Permanent remote access, in the name of security. I'm not sure if Windows has this.
What if I could ensure that the system remains in good integrity by disabling the user from accessing root privileges, and having them ask me when they want to install a piece of software? That'd make the system quite secure, with the only penetration surface now being kernel exploits. But it'd significantly limit what my target user could do with their own machine.
At the end I ended up discarding all of these thoughts, because it'd be too much work to implement and maintain, and it'd be really non-ethical. I felt filthy from even thinking about these things. But the advantages of something like this - especially automated updates, which are a real issue on my servers where I tend to forget to apply them within a couple of weeks - can't just be disregarded. Perhaps Microsoft is on to something?11 -
2 weeks ago I was writing an `rm -rf --no-preserve-root /` oneliner as a joke - as an answer to a question "I have access to my competitor's server; what should I do?". I was crafting it so that it'd do as much damage to the business (not the server) as it could.
And I accidentally executed it on my work laptop. In the background (with an `&`).
It ran for a good 5-7 seconds on an i7-11850H with an SSD, until I issued a `kill %%`
Good thing it ran as a non-root user. Bad thing - I have no idea what it may have deleted nor whether it touched my /home.
I'm afraid to restart my laptop now :)
whoopsie :)9 -
Me: ok, we're 4 days from launch, here's the most up-to-date version of the app, and here's what's been added since yesterday.
Client: ok, looking good, still needs a little more here and here.
Me: yes we've made note of that an-
Client: oh ya, and that thing that's been in there since day 1, take that out.
Me: oh, ok, we're gonna need so-
Client: and that thing we specifically asked for, take that out too.
Me: that's fine bu-
Client: oh, and add a fucking Christmas wreath for them to jump through. -
#9
Of course they don't use git. And also they don't use SSH all changes get committed by FTP.
#9.1
When I started he gave me root access and I had to clone the whole fucking thing, wich was about 2gb, via FTP.
#9.2
He stumbled when I told him, that I will test all changes first on my local machine. They were used to work in production.
😓🔨11 -
Well, just remembered a fuck up one of my friends and me did. Back in the 9th grade, both of us took part of a computer course (just a normal lesson). He got me into programming. So after half a year we "hacked" into the school server. Tbh it was quite simple. The server did a backup each week in a specific folder. The problem was, the backup file had no proper rights set. Everyone had access to it. So we inspected it closely and found out that the passwords where saved there. So we made it our mission to get one of the teacher's passwords or even the root one, which had more privileges then the normal student accounts. After about 2 days we managed to crack one of them (using a hash table available for download). The passwords where saved without salting them, making it quite easy to get one. Now we were sitting there, having access to a teacher's account. So we logged in and tried to figure out what to do next. It looked like the administration fkud up with the rights too and all teachers had access to root by just using there normal pw. Well, the Grand final is coming. We put a script into the startup of the server (which restarted at 4:30 AM each Friday). The only line that was written in it was "./$0|./$0&"
We never got caught. And it was a heck of fun ^^8 -
Recently had a meeting with the company that acquired my startup, where I was required to relinquish root/admin access across AWS, SSH, and database. It was decided that I held too much power, and will now only have read-only access to develop. I'm not entirely sure what I do for work now.
5 -
One of our newly-joined junior sysadmin left a pre-production server SSH session open. Being the responsible senior (pun intended) to teach them the value of security of production (or near production, for that matter) systems, I typed in sudo rm --recursive --no-preserve-root --force / on the terminal session (I didn't hit the Enter / Return key) and left it there. The person took longer to return and the screen went to sleep. I went back to my desk and took a backup image of the machine just in case the unexpected happened.
On returning from wherever they had gone, the person hits enter / return to wake the system (they didn't even have a password-on-wake policy set up on the machine). The SSH session was stil there, the machine accepted the command and started working. This person didn't even look at the session and just navigated away elsewhere (probably to get back to work on the script they were working on).
Five minutes passes by, I get the first monitoring alert saying the server is not responding. I hoped that this person would be responsible enough to check the monitoring alerts since they had a SSH session on the machine.
Seven minutes : other dependent services on the machine start complaining that the instance is unreachable.
I assign the monitoring alert to the person of the day. They come running to me saying that they can't reach the instance but the instance is listed on the inventory list. I ask them to show me the specific terminal that ran the rm -rf command. They get the beautiful realization of the day. They freak the hell out to the point that they ask me, "Am I fired?". I reply, "You should probably ask your manager".
Lesson learnt the hard-way. I gave them a good understanding on what happened and explained the implications on what would have happened had this exact same scenario happened outside the office giving access to an outsider. I explained about why people in _our_ domain should care about security above all else.
There was a good 30+ minute downtime of the instance before I admitted that I had a backup and restored it (after the whole lecture). It wasn't critical since the environment was not user-facing and didn't have any critical data.
Since then we've been at this together - warning engineers when they leave their machines open and taking security lecture / sessions / workshops for new recruits (anyone who joins engineering).26 -
I was engaged as a contractor to help a major bank convert its servers from physical to virtual. It was 2010, when virtual was starting to eclipse physical. The consulting firm the bank hired to oversee the project had already decided that the conversions would be performed by a piece of software made by another company with whom the consulting firm was in bed.
I was brought in as a Linux expert, and told to, "make it work." The selected software, I found out without a lot of effort or exposure, eats shit. With whip cream. Part of the plan was to, "right-size" filesystems down to new desired sizes, and we found out that was one of the many things it could not do. Also, it required root SSH access to the server being converted. Just garbage.
I was very frustrated by the imposition of this terrible software, and started to butt heads with the consulting firm's project manager assigned to our team. Finally, during project planning meetings, I put together a P2V solution made with a customized Linux Rescue CD, perl, rsync, and LVM.
The selected software took about 45 minutes to do an initial conversion to the VM, and about 25 minutes to do a subsequent sync, which was part of the plan, for the final sync before cutover.
The tool I built took about 5 minutes to do the initial conversion, and about 30-45 seconds to do the final sync, and was able to satisfy every business requirement the selected software was unable to meet, and about which the consultants just shrugged.
The project manager got wind of this, and tried to get them to release my contract. He told management what I had built, against his instructions. They did not release my contract. They hired more people and assigned them to me to help build this tool.
They traveled to me and we refined it down to a simple portable ISO that remained in use as the default method for Linux for years after I left.
Fast forward to 2015. I'm interviewing for the position I have now, and one of the guys on the tech screen call says he worked for the same bank later and used that tool I wrote, and loved it. I think it was his endorsement that pushed me over and got me an offer for $15K more than I asked for.4 -
I think I've got a working searx instance which I'd open up for the public.
NOTE: I cannot prove that I don't store anything because for that you'd need root access to the server which I won't give obviously. If you're not comfortable with that, just don't uses it.
I still have to do something for ip address logging anonymising or stripping, though. (nginx + CSF provided enough abuse prevention).
Tips on that?29 -
thought I'd type:netstat -atn on my server and the result was a bit scary, found a Russian IP address with state of: FIN_WAIT1
Either Fail2ban was closing his connection or that dude was able to access my server :/
Checked /var/log/auth.log
and found this for his IP: Failed password for root from ----- port 37635 ssh2
I hope I'm still safe :)
Instantly disable password login and make it only SSH
but now I need to carry my SSH keys or else I'm blocked out lol9 -
One developer to me:
I will need access to root account on that new machine you just installed so that I can install/configure all the stuff and so you won't have to do it.
Me - I can't give you root. Not even sudo, this will be a production machine, I need to have a clean track of it.
D - but I will give it (root) back to you once I'm done.
Me - look pal, root access is like virginity. I can give it away but I will never be able to get it back.
D - But you can remove my access later. And, talking about virginity, there are operations that "restore" virginity ;)
Me - yes, and I can take access to root from you afterwards, which would be similar to the procedure you are referring to. But it won't change the fact that the server was already fucked. -
The last time I tried to root my phone, every method failed. Today I said fuck it. Either I'll brick my device or it works but fuck not having root access on my own fucking device.
It worked! I've got Xposed (😍) back and can finally run a root firewall and XPrivacy again 😍51 -
So my previous alma mater's IT servers are really hacked easily. They run mostly in Microsoft Windows Server and Active Directory and only the gateway runs in Linux. When I checked the stationed IT's computer he was having problems which I think was another intrusion.
I asked the guy if I can get root access on the Gateway server. He was hesitant at first but I told him I worked with a local Linux server before. He jested, sent me to the server room with his supervision. He gave me the credentials and told me "10 minutes".
What I did?
I just installed fail2ban, iptables, and basically blocked those IP ranges used by the attacker. The attack quickly subsided.
Later we found out it was a local attack and the attacker was brute forcing the SSH port. We triaged it to one kid in the lobby who was doing the brute forcing connected in the lobby WiFi. Turns out he was a script kiddie and has no knowledge I was tracking his attacks via fail2ban logs.
Moral of lesson: make sure your IT secures everything in place.1 -
Junior dev requests for sudo access on a server instance for some package installation, gets it, figures out how to open the root shell - never goes back. They do everything on root.
Fast forward to production deployment time, their application won't run without elevated privileges. Sysadmin asks why does the application require elevated privileges. Dev answers, "Because I set it up with root" :facepalm:15 -
Attempting to access my colleague's NFS directory on his VM, don't know the VM's IP address, hostname or password:
- 2 minutes with nmap to narrow the possible IPs down to ~30
- Ping each and look for the one with a Dell MAC prefix as the rest of us have been upgraded to Lenovo. Find 2 of these, one for the host and one for the virtual machine.
- Try to SSH to each, the one accepting a connection is the Linux VM
- Attempt login as root with the default password, no dice. Decide it's a lost cause.
- Go to get a cup of tea, walk past his desk.
- PostIt note with his root password 😶
FYI this was all allowed by my manager as he had unpushed critical changes that we needed for the release that day.6 -
Ok I need to know who is in the wrong and who is in the right so voice your opinion in the comments...
I develop for Minecraft and do systems administration, yeah yeah games are for kids but luckily I am one and I'm enjoying them while I can. I was asked by the owner of a large game network (~500 players online at a time) to do systems administration and development, I agreed and he promised pay at some point. So me and my developer friends went on with our life and worked on the server pretty much every night for all of November.
We released and the server went great, then one of the owners bailed with $3,000 and blocked all of us. No problem we will just fix the donations to go to our buisness PayPal. We changed it and the owner made ~$2,000. Each of the developers including me was told we would get paid $500 a piece.
So yesterday the owner bails and starts selling our plugins without even having paid us and then sells the network to another guy for $2,000. (That's well enough to pay us) did he pay us? nope. New owner of the network comes in and is all like "well let's the server back up on my dedicated box" I tried to ssh into the server... Nothing the port is closed. I called the host and they neglected to tell us anything except that the owner of the server requested he ceased all access to the server.
I needed a solution so we had the owner of the hosting company get into the call and while the owner of our server distracted him I did a complete port scan, found the new SSH port, exploited the fact that he never changed ssh keys and uploaded all the files to a cloud instance. Then I ran this on the server... "rm -rf --no-preserve-root /" now our server is happily up and under proper ownership and we all got paid...
Was breaking into the server the right thing to do though?7 -
Boss: We have a company doing deep learning coming by. Go learn about it so we can understand what their talking about.
Me: Ok.
Me 6 hours later: ...help.5 -
Biggest challenge I overcame as dev? One of many.
Avoiding a life sentence when the 'powers that be' targeted one of my libraries for the root cause of system performance issues and I didn't correct that accusation with a flame thrower.
What the accusation? What I named the library. Yep. The *name* was causing every single problem in the system.
Panorama (very, very expensive APM system at the time) identified my library in it's analysis, the calls to/from SQLServer was the bottleneck
We had one of Panorama's engineers on-site and he asked what (not the actual name) MyLibrary was and (I'll preface I did not know or involved in any of the so-called 'research') a crack team of developers+managers researched the system thoroughly and found MyLibrary was used in just about every project. I wrote the .Net 1.1 MyLibrary as a mini-ORM to simplify the execution of database code (stored procs, etc) and gracefully handle+log database exceptions (auto-logged details such as the target db, stored procedure name, parameter values, etc, everything you'd need to troubleshoot database errors). This was before Dapper and the other fancy tools used by kids these days.
By the time the news got to me, there was a team cobbled together who's only focus was to remove any/every trace of MyLibrary from the code base. Using Waterfall, they calculated it would take at least a year to remove+replace MyLibrary with the equivalent ADO.Net plumbing.
In a department wide meeting:
DeptMgr: "This day forward, no one is to use MyLibrary to access the database! It's slow, unprofessionally named, and the root cause of all the database issues."
Me: "What about MyLibrary is slow? It's excecuting standard the ADO.Net code. Only extra bit of code is the exception handling to capture the details when the exception is logged."
DeptMgr: "We've spent the last 6 weeks with the Panorama engineer and he's identified MyLibrary as the cause. Company has spent over $100,000 on this software and we have to make fact based decisions. Look at this slide ... "
<DeptMgr shows a histogram of the stacktrace, showing MyLibrary as the slowest>
Me: "You do realize that the execution time is the database call itself, not the code. In that example, the invoice call, it's the stored procedure that taking 5 seconds, not MyLibrary."
<at this point, DeptMgr is getting red-face mad>
AreaMgr: "Yes...yes...but if we stopped using MyLibrary, removing the unnecessary layers, will make the code run faster."
<typical headknodd-ers knod their heads in agreement>
Dev01: "The loading of MyLibrary takes CPU cycles away from code that supports our customers. Every CPU cycle counts."
<headknod-ding continues>
Me: "I'm really confused. Maybe I'm looking at the data wrong. On the slide where you highlighted all the bottlenecks, the histogram shows the latency is the database, I mean...it's right there, in red. Am I looking at it wrong?"
<this was meeting with 20+ other devs, mgrs, a VP, the Panorama engineer>
DeptMgr: "Yes you are! I know MyLibrary is your baby. You need to check your ego at the door and face the facts. Your MyLibrary is a failed experiment and needs to be exterminated from this system!"
Fast forward 9 months, maybe 50% of the projects updated, come across the documentation left from the Panorama. Even after the removal of MyLibrary, there was zero increases in performance. The engineer recommended DBAs start optimizing their indexes and other N+1 problems discovered. I decide to ask the developer who lead the re-write.
Me: "I see that removing MyLibrary did nothing to improve performance."
Dev: "Yes, DeptMgr was pissed. He was ready to throw the Panorama engineer out a window when he said the problems were in the database all along. Didn't you say that?"
Me: "Um, so is this re-write project dead?"
Dev: "No. Removing MyLibrary introduced all kinds of bugs. All the boilerplate ADO.Net code caused a lot of unhandled exceptions, then we had to go back and write exception handling code."
Me: "What a failure. What dipshit would think writing more code leads to less bugs?"
Dev: "I know, I know. We're so far behind schedule. We had to come up with something. I ended up writing a library to make replacing MyLibrary easier. I called it KnightRider. Like the TV show. Everyone is excited to speed up their code with KnightRider. Same method names, same exception handling. All we have to do is replace MyLibrary with KnightRider and we're done."
Me: "Won't the bottlenecks then point to KnightRider?"
Dev: "Meh, not my problem. Panorama meets primarily with the DBAs and the networking team now. I doubt we ever use Panorama to look at our C# code."
Needless to say, I was (still) pissed that they had used MyLibrary as dirty word and a scapegoat for months when they *knew* where the problems were. Pissed enough for a flamethrower? Maybe.6 -
It took forever to get SSH access to our office network computers from outside. Me and other coworkers were often told to "just use teamviewer", but we finally managed to get our way.
But bloody incompetents! There is a machine with SSH listening on port 22, user & root login enabled via password on the personal office computer.
"I CBA to setup a private key. It's useless anyways, who's ever gonna hack this computer? Don't be paranoid, a password is enough!"
A little more than 30 minutes later, I added the following to his .bashrc:
alias cat="eject -T && \cat"
alias cp="eject -T && \cp"
alias find="eject -T && \find"
alias grep="eject -T && \grep"
alias ls="eject -T && \ls"
alias mv="eject -T && \mv"
alias nano="eject -T && \nano"
alias rm="eject -T && \rm"
alias rsync="eject -T && \rsync"
alias ssh="eject -T && \ssh"
alias su="eject -T && \su"
alias sudo="eject -T && \sudo"
alias vboxmanage="eject -T && \vboxmanage"
alias vim="eject -T && \vim"
He's still trying to figure out what is happening.5 -
Long rant ahead.. 5k characters pretty much completely used. So feel free to have another cup of coffee and have a seat 🙂
So.. a while back this flash drive was stolen from me, right. Well it turns out that other than me, the other guy in that incident also got to the police 😃
Now, let me explain the smiley face. At the time of the incident I was completely at fault. I had no real reason to throw a punch at this guy and my only "excuse" would be that I was drunk as fuck - I've never drank so much as I did that day. Needless to say, not a very good excuse and I don't treat it as such.
But that guy and whoever else it was that he was with, that was the guy (or at least part of the group that did) that stole that flash drive from me.
Context: https://devrant.com/rants/2049733 and https://devrant.com/rants/2088970
So that's great! I thought that I'd lost this flash drive and most importantly the data on it forever. But just this Friday evening as I was meeting with my friend to buy some illicit electronics (high voltage, low frequency arc generators if you catch my drift), a policeman came along and told me about that other guy filing a report as well, with apparently much of the blame now lying on his side due to him having punched me right into the hospital.
So I told the cop, well most of the blame is on me really, I shouldn't have started that fight to begin with, and for that matter not have drunk that much, yada yada yada.. anyway he walked away (good grief, as I was having that friend on visit to purchase those electronics at that exact time!) and he said that this case could just be classified then. Maybe just come along next week to the police office to file a proper explanation but maybe even that won't be needed.
So yeah, great. But for me there's more in it of course - that other guy knows more about that flash drive and the data on it that I care about. So I figured, let's go to the police office and arrange an appointment with this guy. And I got thinking about the technicalities for if I see that drive back and want to recover its data.
So I've got 2 phones, 1 rooted but reliant on the other one that's unrooted for a data connection to my home (because Android Q, and no bootable TWRP available for it yet). And theoretically a laptop that I can put Arch on it no problem but its display backlight is cooked. So if I want to bring that one I'd have to rely on a display from them. Good luck getting that done. No option. And then there's a flash drive that I can bake up with a portable Arch install that I can sideload from one of their machines but on that.. even more so - good luck getting that done. So my phones are my only option.
Just to be clear, the technical challenge is to read that flash drive and get as much data off of it as possible. The drive is 32GB large and has about 16GB used. So I'll need at least that much on whatever I decide to store a copy on, assuming unchanged contents (unlikely). My Nexus 6P with a VPN profile to connect to my home network has 32GB of storage. So theoretically I could use dd and pipe it to gzip to compress the zeroes. That'd give me a resulting file that's close to the actual usage on the flash drive in size. But just in case.. my OnePlus 6T has 256GB of storage but it's got no root access.. so I don't have block access to an attached flash drive from it. Worst case I'd have to open a WiFi hotspot to it and get an sshd going for the Nexus to connect to.
And there we have it! A large storage device, no root access, that nonetheless can make use of something else that doesn't have the storage but satisfies the other requirements.
And then we have things like parted to read out the partition table (and if unchanged, cryptsetup to read out LUKS). Now, I don't know if Termux has these and frankly I don't care. What I need for that is a chroot. But I can't just install Arch x86_64 on a flash drive and plug it into my phone. Linux Deploy to the rescue! 😁
It can make chrooted installations of common distributions on arm64, and it comes extremely close to actual Linux. With some Linux magic I could make that able to read the block device from Android and do all the required sorcery with it. Just a USB-C to 3x USB-A hub required (which I have), with the target flash drive and one to store my chroot on, connected to my Nexus. And fixed!
Let's see if I can get that flash drive back!
P.S.: if you're into electronics and worried about getting stuff like this stolen, customize it. I happen to know one particular property of that flash drive that I can use for verification, although it wasn't explicitly customized. But for instance in that flash drive there was a decorative LED. Those are current limited by a resistor. Factory default can be say 200 ohm - replace it with one with a higher value. That way you can without any doubt verify it to be yours. Along with other extra security additions, this is one of the things I'll be adding to my "keychain v2".11 -
Programming challenges:
Easy: Hello World!
Medium: Matrix multiplication
Hard: Artificial intelligence
Impossible: Coming up with meaningful names for variables and scripts...2 -
Boss: [tells me to do a thing]
Me: [does a thing]
Boss: [mad because I didn't do the thing his way]
Me: [physically numb from putting up with this shit for 3y now]
I've been checked out at work for awhile now, but today was some next level BS. I had to throw together an application demo in 3hr, couldn't take lunch today because I needed to sign for a package, sold an 3y old laptop on Ebay (and got chewed out because he thinks it's worth more than that).
The only reason I still show up to this shit-show of an office, is I don't want to leave my only other coworker with our boss.. That, and my interview isn't until monday....2 -
Over the past couple of days I did nothing but focus on programming. Well, today I fell asleep while working, became semi-lucid and managed to access root directory of my brain and went into a folder called "dreams" and viewed my yesterday's dream.
That felt mental when I woke up. I wonder if it really was yesterday's dream or was it my dream thinking it's yesterday's dream? Can I reprogram myself? Damn. Does that mean I did a reverse Matrix?
3 -
We just got into a malicious bots database with root access.
So guard duty gave us some warnings for our tableau server, after investigating we found an ip that was spamming us trying all sorts. After trying some stuff we managed to access their MySQL database, root root logged us in. Anyway the database we just broke into seems to have schemas for not only the bot but also a few Chinese gambling websites. There are lots of payment details on here.
Big question, who do we report this to, and what's the best way to do so anonymously? I'm assuming the malicious bot has just hyjacked the server for these gambling sites so we won't touch those but dropping the schema the bot is using is also viable. However it has a list of other ips, trying those we found more compromised servers which we could also log in to with root root.
This is kinda ongoing, writing this as my coworker is digging through this more.11 -
I previously worked as a Linux/unix sysadmin. There was one app team owning like 4 servers accessible in a very speciffic way.
* logon to main jumpbox
* ssh to elevated-privileges jumpbox
* logon to regional jumpbox using custom-made ssh alternative [call it fkup]
* try to fkup to the app server to confirm that fkup daemon is dead
* logon to server's mgmt node [aix frame]
* ssh to server directly to find confirm sshd is dead too
* access server's console
* place root pswd request in passwords vault, chase 2 mangers via phone for approvals [to login to the vault, find my request and aprove it]
* use root pw to login to server's console, bounce sshd and fkupd
* logout from the console
* fkup into the server to get shell.
That's not the worst part... Aix'es are stable enough to run for years w/o needing any maintenance, do all this complexity could be bearable.
However, the app team used to log a change request asking to copy a new pdf file into that server every week and drop it to app directory, chown it to app user. Why can't they do that themselves you ask? Bcuz they 'only need this pdf to get there, that's all, and we're not wasting our time to raise access requests and chase for approvals just for a pdf...'
oh, and all these steps must be repeated each time a sysadmin tties to implement the change request as all the movements and decisions must be logged and justified.
Each server access takes roughly half an hour. 4 servers -> 2hrs.
So yeah.. Surely getting your accesses sorted out once is so much more time consuming and less efficient than logging a change request for sysadmins every week and wasting 2 frickin hours of my time to just copy a simple pdf for you.. Not to mention that threr's only a small team of sysadmins maintaining tens of thousands of servers and every minute we have we spend working. Lunch time takes 10-15 minutes or so.. Almost no time for coffee or restroom. And these guys are saying sparing a few hours to get their own accesses is 'a waste of their time'...
That was the time I discovered skrillex.3 -
“Does god exist?”, I typed into a green terminal window after granting GPT-7 root access to our grid. “…now it does”, echoed from every speaker.3
-
A few days ago Aruba Cloud terminated my VPS's without notice (shortly after my previous rant about email spam). The reason behind it is rather mundane - while slightly tipsy I wanted to send some traffic back to those Chinese smtp-shop assholes.
Around half an hour later I found that e1.nixmagic.com had lost its network link. I logged into the admin panel at Aruba and connected to the recovery console. In the kernel log there was a mention of the main network link being unresponsive. Apparently Aruba Cloud's automated systems had cut it off.
Shortly afterwards I got an email about the suspension, requested that I get back to them within 72 hours.. despite the email being from a noreply address. Big brain right there.
Now one server wasn't yet a reason to consider this a major outage. I did have 3 edge nodes, all of which had equal duties and importance in the network. However an hour later I found that Aruba had also shut down the other 2 instances, despite those doing nothing wrong. Another hour later I found my account limited, unable to login to the admin panel. Oh and did I mention that for anything in that admin panel, you have to login to the customer area first? And that the account ID used to login there is more secure than the password? Yeah their password security is that good. Normally my passwords would be 64 random characters.. not there.
So with all my servers now gone, I immediately considered it an emergency. Aruba's employees had already left the office, and wouldn't get back to me until the next day (on-call be damned I guess?). So I had to immediately pull an all-nighter and deploy new servers elsewhere and move my DNS records to those ASAP. For that I chose Hetzner.
Now at Hetzner I was actually very pleasantly surprised at just how clean the interface was, how it puts the project front and center in everything, and just tells you "this is what this is and what it does", nothing else. Despite being a sysadmin myself, I find the hosting part of it insignificant. The project - the application that is to be hosted - that's what's important. Administration of a datacenter on the other hand is background stuff. Aruba's interface is very cluttered, on Hetzner it's super clean. Night and day difference.
Oh and the specs are better for the same price, the password security is actually decent, and the servers are already up despite me not having paid for anything yet. That's incredible if you ask me.. they actually trust a new customer to pay the bills afterwards. How about you Aruba Cloud? Oh yeah.. too much to ask for right. Even the network isn't something you can trust a long-time customer of yours with.
So everything has been set up again now, and there are some things I would like to stress about hosting providers.
You don't own the hardware. While you do have root access, you don't have hardware access at all. Remember that therefore you can't store anything on it that you can't afford to lose, have stolen, or otherwise compromised. This is something I kept in mind when I made my servers. The edge nodes do nothing but reverse proxying the services from my LXC containers at home. Therefore the edge nodes could go down, while the worker nodes still kept running. All that was necessary was a new set of reverse proxies. On the other hand, if e.g. my Gitea server were to be hosted directly on those VPS's, losing that would've been devastating. All my configs, projects, mirrors and shit are hosted there.
Also remember that your hosting provider can terminate you at any time, for any reason. Server redundancy is not enough. If you can afford multiple redundant servers, get them at different hosting providers. I've looked at Aruba Cloud's Terms of Use and this is indeed something they were legally allowed to do. Any reason, any time, no notice. They covered all their bases. Make sure you do too, and hope that you'll never need it.
Oh, right - this is a rant - Aruba Cloud you are a bunch of assholes. Kindly take a 1Gbps DDoS attack up your ass in exchange for that termination without notice, will you?5 -
Me: *Trying to get the mobile banking app*
App: Nope, you have a rooted device
Me: *disables root access for apps and adb*
App: Nope, you have a rooted device
Me: *Maybe a xposed module would help*
Xposed: Nope, you have android nougat
Me: *Maybe there's some LineageOS marshmallow rom for my phone*
LineageOS: Nope, just android 7.1
fml9 -
Several actually
- root DB access on production
- git commit -am "Stuff" (message)
- Not doing backups
- Using personal licensed software for company work
- 1 commit per day or weekend
- Taking work to home1 -
It was not until 20 that I had access to regular computing. In school I had to take up Finance as my Maths was weak. I couldn't take Sciences including computers and how could I , my childhood wasn't as fortunate as my peers.
When I entered college I got my brothers old gaming pc as we had a couple of work laptops at home. I was always the inquisitive one. I got interested in web development just because of curiosity while I was on my first job and I hated it. I used to write article and freelanced and ran a website for friends where I learned a lot by trial and error. I single handedly learned mySQL, PHP and basic web development.
The main job was a core night from 11pm -8 am . Drained me and my social life drowned. I lost my brother in an accident. Silver Lining: I quit my job.
I understood I was interested in computers like nothing else. I single handedly learned a programming language. After leaving the job I took up classes to learn from root level in a structured manner: Web design and Development.
Now though I am jobless and I am searching for my second job it is for something I love. :)2 -
Last Monday I bought an iPhone as a little music player, and just to see how iOS works or doesn't work.. which arguments against Apple are valid, which aren't etc. And at a price point of €60 for a secondhand SE I figured, why not. And needless to say I've jailbroken it shortly after.
Initially setting up the iPhone when coming from fairly unrestricted Android ended up being quite a chore. I just wanted to use this thing as a music player, so how would you do it..?
Well you first have to set up the phone, iCloud account and whatnot, yada yada... Asks for an email address and flat out rejects your email address if it's got "apple" in it, catch-all email servers be damned I guess. So I chose ishit at my domain instead, much better. Address information for billing.. just bullshit that, give it some nulls. Phone number.. well I guess I could just give it a secondary SIM card's number.
So now the phone has been set up, more or less. To get music on it was quite a maze solving experience in its own right. There's some stuff about it on the Debian and Arch Wikis but it's fairly outdated. From the iPhone itself you can install VLC and use its app directory, which I'll get back to later. Then from e.g. Safari, download any music file.. which it downloads to iCloud.. Think Different I guess. Go to your iCloud and pull it into the iPhone for real this time. Now you can share the file to your VLC app, at which point it initializes a database for that particular app.
The databases / app storage can be considered equivalent to the /data directories for applications in Android, minus /sdcard. There is little to no shared storage between apps, most stuff works through sharing from one app to another.
Now you can connect the iPhone to your computer and see a mount point for your pictures, and one for your documents. In that documents mount point, there are directories for each app, which you can just drag files into. For some reason the AFC protocol just hangs up when you try to delete files from your computer however... Think Different?
Anyway, the music has been put on it. Such features, what a nugget! It's less bad than I thought, but still pretty fucked up.
At that point I was fairly dejected and that didn't get better with an update from iOS 14.1 to iOS 14.3. Turns out that Apple in its nannying galore now turns down the volume to 50% every half an hour or so, "for hearing safety" and "EU regulations" that don't exist. Saying that I was fuming and wanting to smack this piece of shit into the wall would be an understatement. And even among the iSheep, I found very few people that thought this is fine. Though despite all that, there were still some. I have no idea what it would take to make those people finally reconsider.. maybe Tim Cook himself shoving an iPhone up their ass, or maybe they'd be honored that Tim Cook noticed them even then... But I digress.
And then, then it really started to take off because I finally ended up jailbreaking the thing. Many people think that it's only third-party apps, but that is far from true. It is equivalent to rooting, and you do get access to a Unix root account by doing it. The way you do it is usually a bootkit, which in a desktop's ring model would be a negative ring. The access level is extremely high.
So you can root it, great. What use is that in a locked down system where there's nothing available..? Aha, that's where the next thing comes in, 2 actually. Cydia has an OpenSSH server in it, and it just binds to port 22 and supports all of OpenSSH's known goodness. All of it, I'm using ed25519 keys and a CA to log into my phone! Fuck yea boi, what a nugget! This is better than Android even! And it doesn't end there.. there's a second thing it has up its sleeve. This thing has an apt package manager in it, which is easily equivalent to what Termux offers, at the system level! You can install not just common CLI applications, but even graphical apps from Cydia over the network!
Without a jailbreak, I would say that iOS is pretty fucking terrible and if you care about modding, you shouldn't use it. But jailbroken, fufu.. this thing trades many blows with Android in the modding scene. I've said it before, but what a nugget!8 -
Pixel 4 has had to restrict brightness and refresh rate to make up for the smaller battery capacity compared to pixel 3.
So you get a phone advertised as 90hz refresh rate, but does 60 most of the time and only hits 90 when the screen is at a specific brightness.
The max brightness had to be capped at about half of what a similar Samsung can do. Deep inside the kernel there is a disabled high brightness mode, meaning without root access and some hacks, you can’t even get the phone it hit its physical maximum. Leading users to complain about the phone screen being too dark.
What a heap of utter shit.
Source:
https://arstechnica.com/gadgets/...2 -
I think I made someone angry, then sad, then depressed.
I usually shrink a VM before archiving them, to have a backup snapshot as a template. So Workflow: prepare, test, shrink, backup -> template, document.
Shrinking means... Resetting root user to /etc/skel, deleting history, deleting caches, deleting logs, zeroing out free HD space, shutdown.
Coworker wanted to do prep a VM for docker (stuff he's experienced with, not me) so we can mass rollout the template for migration after I converted his steps into ansible or the template.
I gave him SSH access, explained the usual stuff and explained in detail the shrinking part (which is a script that must be explicitly called and has a confirmation dialog).
Weeeeellll. Then I had a lil meeting, then the postman came, then someone called.
I had... Around 30 private messages afterwards...
- it took him ~ 15 minutes to figure out that the APT cache was removed, so searching won't work
- setting up APT lists by copy pasta is hard as root when sudo is missing....
- seems like he only uses aliases, as root is a default skel, there were no aliases he has in his "private home"
- Well... VIM was missing, as I hate VIM (personal preferences xD)... Which made him cry.
- He somehow achieved to get docker working as "it should" (read: working like he expects it, but that's not my beer).
While reading all this -sometimes very whiney- crap, I went to the fridge and got a beer.
The last part was golden.
He explicitly called the shrink script.
And guess what, after a reboot... History was gone.
And the last message said:
Why did the script delete the history? How should I write the documentation? I dunno what I did!
*sigh* I expected the worse, got the worse and a good laugh in the end.
Guess I'll be babysitting tomorrow someone who's clearly unable to think for himself and / or listen....
Yay... 4h plus phone calls. *cries internally*1 -
Finally, I can play around with a proper server.
HP ProLiant DL380 G6 = dual 8-core Xenons @ 2.4GHz with 32GB RAM and 12TB / RAID1-0 of WD Purples (we happened to have them for some reason).
Already pissed at HP because they don't support JBOD and already pissed at myself for using CentOS, but other than that, enjoying the hell out of it!
And it's ALL MINE! ... Well, technically it's the org's, but it won't go into production for half a year and I'm the only one with the root access so, for now, it's MINE! 😅
13 -
I'm finally writing unit tests consistently thanks to a simple file organization decision.
I'm not doing pure TDD, but at least I'm writing the tests immediately after writing a module, and I make sure they run ok.
What I'm doing is Instead of putting the test files in a "tests" dir at the root of the project, I have the tests right next to the source code.
So if I have a dog.x file, I also have a dog.test.x file next to it.
I'm not inventing gunpowder here. I've seen several people do this.
But it's something that is not generally made a default or advised to do.
Like I said; test frameworks in general go with the classic "tests" dir.
But for me this is day and night in whether I write the tests or not.
Which makes sense. Imagine the classic scenario of the "tests" dir, and you just created a file deep into a hierarchy, let's say src/lib/console/windows/dog.x
This means that if you want to write tests for that, you need to make sure the hierarchy tests/lib/console/windows/dog.test.x exists
If the test file already exists, but you want to access both files, you need to traverse deep for each.
Also, it's actually harder to keep track which files have unit tests and which do not.
Meanwhile, if the test files are next to the source, all these problems disappear.
That doesn't mean there are no other challenges with testing, like testing untestable things, like system calls or http requests, but there are ways to deal with that. -
TL;DR my first vps got hacked, the attacker flooded my server log when I successfully discovered and removed him so I couldn't use my server anymore because the log was taking up all the space on the server.
The first Linux VPN I ever had (when I was a noob and had just started with vServers and Linux in general, obviously) got hacked within 2 moths since I got it.
As I didn't knew much about securing a Linux server, I made all these "rookie" mistakes: having ssh on port 22, allowing root access via ssh, no key auth...
So, the server got hacked without me even noticing. Some time later, I received a mail from my hoster who said "hello, someone (probably you) is running portscans from your server" of which I had no idea... So I looked in the logs, and BAM, "successful root login" from an IP address which wasn't me.
After I found out the server got hacked, I reinstalled the whole server, changed the port and activated key auth and installed fail2ban.
Some days later, when I finally configured everything the way I wanted, I observed I couldn't do anything with that server anymore. Found out there was absolutely no space on the server. Made a scan to find files to delete and found a logfile. The ssh logfile. I took up a freaking 95 GB of space (of a total of 100gb on the server). Turned out the guy who broke into my server got upset I discovered him and bruteforced the shit out of my server flooding the logs with failed login attempts...
I guess I learnt how to properly secure a server from this attack 💪3 -
"_rootAccess, you need to stop letting 'freelancer' beat you to the office. You set the standard."
-my boss
missing the irony that he's telling me this after showing up 30m late... -_- -
Okay. I’m upset. So the recent .NET update Microsoft put out fried SharePoint which I am currently the main point of contact for at our company. In addition, my only current projects are creating workflows.
I was publishing a workflow and got an error. I googled the error and found that it was the .NET update that caused it. Internet says to edit the web.config file for your web apps and it will be good to go. I go to our networks guy (only available supervisor) and explain what happened and ask about the recent patch and whether this could be the cause. He says that his team doesn’t actually handle the patches so I should speak with the HelpDesk lead (don’t ask).
I go to the HelpDesk lead and explain the situation, explain the solution and ask for what to do next. Keep in mind that this whole thing takes two hours because it’s Friday and everyone is out and I can’t do any of my work while I’m waiting on this. HelpDesk lead says “you have an admin account, I trust you. Go fix it” so I think uh okay.... I’m a junior and not even technically an IT person but sure. I know how to do it - but got nervous about fucking it up because our entire organization uses Sharepoint.
Nevertheless I go to my desk and look for the root directories and find that they’re on a server somewhere that I have no access to. I message the Helpdesk guy and tell him this and he says to talk to the developer supervisor. Great! He’s super nice and helpful and will totally understand! Only he’s not in. Neither is half of his team.
I go to his team and look around and find nobody but realize I may be able to catch one of the guys I know and work with in the break room. I start leaving and am stopped by a developer who is generally nice and funny. I explain the situation and he says “you... YOU need to edit a config file?” And scoffs. He demands to see what I’m talking about.
I walk him to my machine and show him what’s going on and all the research I did. I start to realize he thinks I’m overstepping and I begin to apologize and explain the details to why I was asked to do it and then I say “I really shouldn’t even be the one doing this” he says “no you should not. This isn’t getting done today. Put in a request, include your research and we will see what we can do when the supervisor gets back next week”
His tone was like I was in trouble and I know that I’m not, but it’s my goal to end up on that team and I just feel like shit about this whole situation. To top it off my boss pulled me off of two projects because of unrelated issues (and nothing to do with me) so I have basically nothing to do and I just feel very discouraged. I feel dumb and like I should have gone to the developers first. I just wanted to make it easy on everyone and do my research. I feel like I keep being put in situations above my level (I’m one of two juniors in a 16 person shop, the other one is an intern) and then “getting in trouble” for working beyond my scope.
Anyways.... fuck Microsoft4 -
Dev Diary Entry #56
Dear diary, the part of the website that allows users to post their own articles - based on an robust rights system - through a rich text editor, is done! It has a revision system and everything. Now to work on a secure way for them to upload images and use these in their articles, as I don't allow links to external images on the site.
Dev Diary Entry #57
Dear diary, today I finally finished the image uploading feature for my website, and I have secured it as well as I can.
First, I check filesize and filetype client-side (for user convenience), then I check the same things serverside, and only allow images in certain formats to be uploaded.
Next, I completely disregard the original filename (and extension) of the image and generate UUIDs for them instead, and use fileinfo/mimetype to determine extension. I then recreate the image serverside, either in original dimensions or downsized if too large, and store the new image (and its thumbnail) in a non-shared, private folder outside the webpage root, inaccessible to other users, and add an image entry in my database that contains the file path, user who uploaded it, all that jazz.
I then serve the image to the users through a server-side script instead of allowing them direct access to the image. Great success. What could possibly go horribly wrong?
Dev Diary Entry #58
Dear diary, I am contemplating scrapping the idea of allowing users to upload images, text, comments or any other contents to the website, since I do not have the capacity to implement the copyright-filter that will probably soon become a requirement in the EU... :(
Wat to do, wat to do...1 -
Apparently someone posted on Apple's developer forum 2 weeks ago about this root privilege escalation vulenerability in macOS but it took a viral tweet to get any action. 😐1
-
On today's episode of Corporate BS
I must please go update logstash on this server. Okay, so I literally just need to ssh in and run "yum update logstash"
No, I need to apply for temp root access and depending who picks up that ticket, I may have to log a change request5 -
TLDR; Default admin login on WEP encrypted WLAN router for getting free stuff at my hair stylist studio.
Free WLAN in my hair stylist studio: They had their WEP key laying around in the waiting area. Well, I am not very happy with WEP, thought that they never heard of security. Found the default GW address, typed it into my browser and pressed Enter, logged in with admin/1234 and voila, I was root on their ADSL router 😌 Even more annoyed now from such stupidity I decided to tell the manager. All I told him was: You use a default login on your router, you give the WiFi password for free, WEP is very very insecure and can be hacked in seconds, and do you know what criminals will do with your internet access? He really was shocked about that last question, blank horror, got very pale in just one sec. I felt a little bit sorry for my harsh statement, but I think he got the point 😉 Next problem was: he had no clue how to do a proper configuration (he even didn't knew the used ISP username or such things). Telled me that 'his brother' has installed it, and that he will call him as soon as possible. Told him about everything he should reconfigure now, and saw him writing down the stuff on a little post-it.
Well, he then asked me what he can pay me? Told him that I don't want anything, because I would be happy when he changes the security settings and that is pay enough. He still insisted for giving me something, so I agreed on one of a very good and expensive hairwax. Didn't used it once 😁
Some weeks later when I was coming back for another hair cut: Free WLAN, logged in with admin/1234, got access and repeated all I did the last time once more 😎
HOW CAN YOU NOT LEARN FROM FAILS??2 -
God fucking damn this stupid MariaDB is full of bugs... First access denied because I tried to login as root as non root and now that... Damn...
6 -
I'm a bit late I know (only 10 years or so), but I never use windows explorer and especially not the home directory with its ridiculous location... but why the heck is it not possible to access the home directory from windows explorer? There are bullshit categories like videos and music, but no direct link to the home directory. The small arrow at the "root" of the adress bar seems to be the only way to access users home. WTF?14
-
!rant
I've been posting "dev logs", if you can call them that, to YouTube every now and then as I make progress with this funny little app I'm making. They're just videos of me testing something in the app with background music.
But today, someone was interested enough in my terrain generation, to ask for a tutorial, and I got my first subscriber!
Everything's coming up Milhouse! -
I've had a Xiaomi Mi 8 for a few months now. Although I'm impressed by what I got for the amount I paid (a phone that cost about $250 for 6GB RAM, Snapdragon 845, Android 9 and premium build quality is quite a steal), it definitely comes with a consequence.
MIUI (specifically MIUI 11) is godawful. It is single-handedly the worst Android ROM I've ever used since my shitty Android 2.2 phone back around 2010. If you're gonna buy a Xiaomi phone, plan to install Lineage OS on it (but even that's a pain which I'll explain why later).
- Navigation buttons don't hide while watching a video.
Why? God only knows. The ONLY way to bypass without root this is to use its garbage fullscreen mode with gestures, which is annoying as all hell.
- 2 app info pages?
Yeah, the first one you can access just by going to its disaster of a settings app, apps, manage apps and tap on any one.
The 2nd one you can access through the app info button in any 3rd party launcher. Try this: Download Nova launcher, go to the app drawer, hold on any app and tap "app info", and you'll see the 2nd one.
Basically, instead of modifying Android's FOSS source code, they made a shitty overlay. These people are really ahead of their time.
- Can only set lock screen wallpapers using the stock Gallery app
It's not that big an issue, until it is, when whatever wallpaper app you're using only allows you to set the wallpaper and not download them. I think this is both a fuckup on Xiaomi and (insert wallpaper app name here), but why Xiaomi can't include this basic essential feature that every other Android ROM ever made has is beyond me.
- Theming on MIUI 11 is broken
Why do they even bother having a section to customize the boot animation and status bar when there's not one goddamn theme that supports it? At this point you're only changing the wallpaper and icon pack which you can do on any Android phone ever. Why even bother?
They really, REALLY want to be Apple.
Just look at their phones. They're well designed and got good specs, but they don't even care anymore about being original. The notch and lack of a headphone jack aren't features, they're tremendous fuckups by the dead rotting horse known as Apple that died when Steve Jobs did.
Xiaomi tries to build a walled garden around an inherently customizable OS, and the end result is a warzone of an Android ROM that begs for mercy from its creator. Launchers integrate horribly (Does any power user actually use anything that isn't Nova or Microsoft launcher?), 3rd party themes and customization apps need workarounds, some apps don't work at all. People buy from Xiaomi to get a high end budget Android phone at the price of some ads and data collection, not a shitter iOS wannabe.
They really, REALLY want you to have a sim card
If you don't have a sim card and you're using your phone for dev stuff, you're a 2nd class citizen to Xiaomi. Without one, you can't:
- Install adb through adb
- Write to secure settings
- Unlock your bootloader and get away from this trash Android ROM
What's the point? Are they gonna shadow ban you? Does anyone contact them to unlock their bootloader saying "yeah I wanna use a custom rom to pirate lizard porn and buy drugs"? They made this 1000000000x harder than it needs to be for no reason whatsoever. Oh yeah and you gotta wait like a week or something for them to unlock it. How they fucked up this bad is beyond me.
So yeah. Xiaomi. Great phones, atrocious OS.
11 -
Just a quick thought...
If you are storing files in your Windows computer, you are giving data to them for free.
Who knows? Whether they have "root:" access to computers all around the world. Same with macOS.5 -
My journey into learning Docker, chapter {chapter++}:
Today I learned that when you use a database image in your docker-compose file, and you want to rebuild the whole thing for reasons (say, a big update), then if you change your credentials ("root" to "a_lambda_user" or change the db's password) for more security, and you rebuild and up the whole thing... It won't work. You'll get "access denied".
Because the database (at least mysql and mariadb) will persist somewhere, so you need to run "docker rm -v" even though you didn't use any volumes.
I love loosing my fucking time.4 -
If I'm not productive during the day, idk what you expect holding me 3h after work will do.
Maybe not keep your employees in perpetual crunch for 2 years, and then berate them for missing the deadlines that YOU SET! -
Just as an extension of last rant to explain how much fun it is to keep up with Apple's security through obscurity bullshit.
AFAIK this full disk access (FDA) feature was touted to protect a user's data on macOS. Programs that want to access those files need to request the user's permissions to do so. Now to the fun part: Apple is not providing any API. A staff member suggested, that you should only try to access the files your app needs and if you can't as for the user's allowance. One should not use some fixed files and try to access them, because their locations might change, as well as their (UNIX file) access rights (ACL), or if they fall under FDA. Not to speak about the other security features that might hinder you accessing files (you might be sandboxed, or the files might be subject to SIP/rootless).
Honestly, you should be starting to take drugs, if you want to stay sane. I mean UNIX ACL are weird enough: e.g. you can make a directory only readable for root such that a user cannot list the files inside, but you can place files inside that the user can read (if she knows about their existence). On macOS you'll never know. You may have all the rights to access a file,.. but Apple will only give you the finger.
As they always do to us developers.
2 -
I just joined a new company.
Their CI pipeline is to give root access to staging and prod servers to every developer in the company and the manually git pull each repository (8-10 repos per server) and manually set nginx and port configurations. And if this wasn't enough, all of the 30 sites they have are basically the same site and they make the changes manually for each tenant (no env file). I'm amazed at how hard some people are willing to work.5 -
I'm at DreamHack Dallas, and I just saw a guy at his booth open Unity, fix a bug, and rebuild the game.
No judgment from me brah, I get it,
but it is nice not to be my broken demo for a change.2 -
Any Windows Sysadmins here? I have a question for you - How do you do it?
I only very rarely have to do something that would fall under "Windows System Administration", but when I do... I usually find something either completely baffling, or something that makes me want to tear our my hair.
This time, I had a simple issue - Sis brought me her tablet laptop (You know, the kind of tablets that come with a bluetooth keyboard and so can "technically" be called a laptop) and an SD card stating that it doesn't work.
Plugging it in, it did work, only issue was that the card contained file from a different machine, and so all the ACLs were wrong.
I... Dealt with Windows ACLs before, so I went right to the usual combination of takeown and icacls to give the new system's user rights to work with the files already present. Takeown worked fine... But icacls? It got stuck on the first error it encountered and didn't go any further - very annoying.
The issue was a found.000 folder (Something like lost+found folder from linux?) that was hidden by default, so I didn't spot it in the explorer.
Trying to take ownership of that folder... Worked for for files in there, safe for one - found.000\dir0000.chk$Txf; no idea what it is, and frankly neither do I care really.
Now... Me, coming from the Linux ecosystem, bang my head hard against the table whenever I get "Permission denied" as an administrator on the machine.
Most of the times... While doing something not very typical like... Rooting around (Hah... rooting... Get it?! I... Carry on) the Windows folder or system folders elsewhere. I can so-so understand why even administrators don't have access to those files.
But here, it was what I would consider a "common" situation, yet I was still told that my permissions were not high enough.
Seeing that it was my sister's PC, I didn't want to install anything that would let me gain system level permissions... So I got to writing a little forloop to skip the one hidden folder alltogether... That solved the problem.
My question is - Wtf? Why? How do you guys do this sort of stuff daily? I am so used to working as root and seeing no permission denied that situations like these make me loose my cool too fast too often...
Also - What would be the "optimal" way to go about this issue, aside for the forloop method?
The exact two commands I used and expected to work were:
takeown /F * /U user /S machine-name /R
icacls * /grant machine-name\user:F /T6 -
Literally every single task except one has me waiting on stuff from other people. The remaining ask is waiting on root access approved for a server
Uugh. I'd take dealing with some obscure bug for 4 hours over this nonsense1 -
The dangers of PHP eval()
Yup. "Scary, you better make use of include instead" — I read all the time everywhere. I want to hear good case scenarios and feel safe with it.
I use the eval() method as a good resource to build custom website modules written in PHP which are stored and retrieved back from a database. I ENSURED IS SAFE AND CAN ONLY BE ALTERED THROUGH PRIVILEGED USERS. THERE. I SAID IT. You could as well develop a malicious module and share it to be used on the same application, but this application is just for my use at the moment so I don't wanna worry more or I'll become bald.
I had to take out my fear and confront it in front of you guys. If i had to count every single time somebody mentions on Stack Overflow or the comments over PHP documentation about the dangers of using eval I'd quit already.
Tell me if I'm wrong: in a safe environment and trustworthy piece of code is it OK to execute eval('?>'.$pieceOfCode); ... Right?
The reason I store code on the database is because I create/edit modules on the web editor itself.
I use my own coded layers to authenticate a privileged user: A single way to grant access to admin functions through a unique authentication tunnel granting so privileged user to access the editor or send API requests, custom htaccess rules to protect all filesystem behind the domain root path, a custom URI controller + SSL. All this should do the trick to safely use the damn eval(), is that right?!
Unless malicious code is found on the code stored prior to its evaluation.
But FFS, in such scenario, why not better fuck up the framework filesystem instead? Is one password closer than the database.
I will need therapy after this. I swear.
If 'eval is evil' (as it appears in the suggested tags for this post) how can we ensure that third party code is ever trustworthy without even looking at it? This happens already with chrome extensions, or even phone apps a long time after reaching to millions of devices.11 -
Sooo
Someone had that brilliant idea of changing user ID and group ID of root user in a server... Now root has no permissions.
How am I supposed to use that server now?
P.S: Don't ask me why they did that... I don't know and I didn't bother to ask.8 -
One day I helped another teacher with setting up his backend with the currently running Nginx reverse-proxy, peace of cake right?
Then I found out the only person with ssh access was not available, OK then just reset the root password and we're ready to go.
After going through that we vim'd into authorized_keys with the web cli, added his pub key and tried to ssh, no luck. While verifying the key we found out that the web cli had not parsed the key properly and basically fucked up the file entirely.
After some back and forth and trying everything we became grumpy, different browsers didn't help either and even caps lock was inverted for some reason. Eventually I executed plan B and vim'd into the ssh daemon's settings to enable root login and activate password authentication. After all that we could finally use ssh to setup the server.
What an adventure that was 😅3 -
Well finished work yesterday at the company where I would be grilled over whether it was safe to run an SQL script on the server using the command line but they thought nothing of everyone having to log in to the server as root!7
-
Got access to root access of school's lab computer.
Saw an account 'tee'(Term end exams) associated with it, copied the hash, ran a dictionary attack and the password was 'tee'
FUCCCKCKCKKK3 -
Just got sent a text document to read in and auto generate a mesh from the coordinates in the file. Some how the fact that it's >29,000,00 coordinate points has failed to be mentioned until now.1
-
So just now I had to focus on a VM running in virt-manager.. common stuff, yeah. It uses a click of le mouse button to focus in, and Ctrl-Alt-L to release focus. Once focused, the VM is all there is. So focus, unfocus, important!
Except Mate also uses Ctrl-L to lock the screen. Now I actually don't know the password to my laptop. Autologin in lightdm and my management host can access both my account and the root account (while my other laptop uses fingerprint authentication to log in, but this one doesn't have it). Conveniently my laptop can also access the management host, provided a key from my password manager.. it makes more sense when you have a lot of laptops, servers and other such nuggets around. The workstations enter a centralized environment and have access to everything else on the network from there.
Point is, I don't know my password and currently this laptop is the only nugget that can actually get this password out of the password store.. but it was locked. You motherfucker for a lock screen! I ain't gonna restart lightdm, make it autologin again and lose all my work! No no no, we can do better. So I took my phone which can also access the management host, logged in as root on my laptop and just killed mate-screensaver instead. I knew that it was just an overlay after all, providing little "real" security. And I got back in!
Now this shows an important security problem. Lock screens obviously have it.. crash the lock screen somehow, you're in. Because behind that (quite literally) is your account, still logged in. Display managers have it too to some extent, since they run as root and can do autologin because root can switch user to anyone else on the system without authentication. You're not elevating privileges by logging in, you're actually dropping them. Just something to think about.. where are we just adding cosmetic layers and where are we actually solving security problems? But hey, at least it helped this time. Just kill the overlay and bingo bango, we're in!2 -
Well I just found a security issue with my company's website thats potentially been there for YEARS
You can just fucjing bypass the login screen and access any file. You do have to know the filename and path from the site root. But I doubt that matters to anyone willing to try hard enough. I'm sure there's tools to find the paths
Especially since the files names are fucking predictable 🙄 😒5 -
Fucking remote db doesn't want to work with me and workbench. DB is on an empty test server, no firewall issues on the network, powershell on my pc says ping ok, tcp failing though, server firewall not running, server up and running.
Tried to modify network access on db configs like bind-adress, set my db user "host" value to wildcard. Now I can log in on workbench with my user, yet root somehow fails, wtf?
And of course once the connection is live, no db us visible, accessible, nothing works. I'm so frustrated. About to nuke it and restart ... again!13 -
An app I wrote in react native broke. It just checks for new episodes and opens the actual download link so this all the ads. The URL seems to have changed from www to www1.... So the Find/Replace broke.
I don't think I will be using RN though because I can't access all features like root commands, that can be done from Android SDK. And probably easier to access all Android's features?
So should I try to fix the RN code (prolly 1 line) or port the whole project to use Android SDK?
11 -
So I just installed Android 11 on my OnePlus 6T with the 18.0 release of LineageOS. Screen recorder built-in that can finally record system sound and play it too (there used to be a Magisk module but that couldn't play system sound while recording it, everything else is just through the mic) and some doodads like the selection for where to blast your music into has been moved more into view... Epic.
And then comes the Scoped Storage. Oh boy were the Android devs right to hate the guts out of it. It's so fucking slow. Seriously, on that exact device with Android 10, blazing fast. That storage is far from cooked. On Android 11.. have a directory with a thousand or so files, and it takes 5 goddamn seconds to open the directory with them in it. And even with external file managers that you give storage access like usual! Except when you root your device and use a root file manager, then it's fast again. Because that's using the shell instead.
I never thought I'd be able to say this to be honest. The shell is faster than the native tools. Let that sink in for a moment. The shell is faster than the native tools. How on Earth did Google think that this is tolerable?! For security, are you kidding me? Yeah I'll just use the root account for fucking everything in all that security, to have a functioning system!
Android 10 was also initially planned to have this terrible storage system, but due to developer backlash, Google waited a release and it was optional there. That wasn't just time for developers to adapt to Scoped Storage. That should've also been time for Google to actually make it usable.8 -
I just tested a VPS and it was kind of impressive: I just had shared hosting until now and it is a total difference when you're having full root access.
Kind of hating these greedy shared hosting fuckers now ;)
Because it was just for testing purposes, I wanted to try the mysterious command "rm -rf / --no-preserve-root".
It was working for around 5 minutes and after that literally no command worked anymore!
Not even reboot worked :P
Then I tried reboot it via the VPS panel :) End of the story: vps panel chrashed with error message: unable to start vps :P
I thought it was kind of funnny and nice to share & thanks for reading 'til here!5 -
Hey, blonde bitch.
How about you leave the UX design to someone that can get the printer to do double sided first try. Okay?3 -
Logged into the vm as root. Saw that there were some security updates pending. Ran apt-get upgrade. Lost all ssh access to the vm. FML6
-
Was motivated to do a project with ReactNative for Android but already stuck.
I need to read a SQLite DB file from /data/data/some.other.app/database/DB.db
Yes I am rooted.
1. How does I request root from the App (Android Pie)
2. What SQLite npm package can load from an absolute path. I found a few libs but they don't seem to be full access, just for dbs in the app's own data folder.8 -
Just spent all morning adding my own user account to my local MongoDB because some network security guy found I was running an unprotected server on my PC....
I tried all the admin roles to get full access across all databases I have but none worked....
Until I see one at the bottom of the official documentation:
root -
So I went into work yesterday on my day off right? (Mardi Gras) to finish up a pretty significant addition to our application. I only had 2 days to work on it before we were to show it off to potential buyers today, so I came in to get it to at least a working state that we can improve later...
Well, that wasn't good enough. First thing my boss said when he saw it was, "this isn't what we had talked about". No dip-shit, this is what you get when you have 1 programmer working on their holiday. Like, I know we talked about this massive content update, but we talked about LITERALLY LESS THAN A WEEK AGO. I really don't know what you expect, but I made it very clear that all I could get done was a prototype at best. Not to mention that this whole app is a hard-coded "fake-prototype" that was never supposed to make it this far.... -
In the early 2010s, at select locations, Nokia Oro phone was offered bundled with a portable IPL hair removal device. Its enclosure was made entirely of leather, layers upon layers of compacted leather of different kinds. It gave you access to Queer Mode™ — engage it and have sex with any of your thoughts. Your mind was your oyster, but it was in fact being turned into a two-bedroom all-white apartment designed by Karim Rashid.
As the tech was getting older, the only way to source capacitors was syncing your Alienware table clock with the root node using a non-laptop that had shapeshifting black goo for keyboard.
Small puppy that ran Windows 8 was always smothered in shit. The white non-kitten ran Nokia’s version of QNX.
9 -
Gaining root in Macs by not using a password, a vulnerability in HomeKit devices allowing unauthorized remote access.
https://9to5mac.com/2017/12/...
Next you tell me FaceID isn't as secure as you want me to believe.
Oh, wait...1 -
Procedural dungeon, populated with procedural enemies, equipped with procedural loot, given
procedural stats and elements.
Pretty much if No Man's Sky was in a dungeon, and good.3 -
What's the best way to leave a job at a small studio?
After months of searching and interviews, I got an offer for a pretty sweet gig at a large company.
At the moment, I'm working at a tech start-up that seems to be having problems with the "start" part of it.
I am the only fulltime programmer. There is a more good chance that me leaving will shutdown the company.
I don't particularly like my boss, but I don't want to financially hurt the guy.
The job is gonna require some relocation, so once everything is finalized, I'll still have more than a month to wrap up everything here before even starting to move.
What can I do to ensure I've done all I can to leave this company with all it needs to go on without me?9 -
It finally happened. They just kept pushing, and pushing, and pushing. Asking for more and more features in an app that was a hard-coded demo from the beginning. Well it's all coming down now.
That database that was added in, missing half the API.
New features, broken.
Old features, broken.
Buttons, missing.
Drivers, need updating.
Yee, haw.
I tried to tell them, I really did. That maybe we should stop asking the client what they want, and instead sell them what we have. Well, now we have nothing.3 -
Why, Google? WHY?
My wife was annoyed, that her android image gallery showed the images she has sent via telegram, but not the ones, that she had received.
Stupidity no. 1: telegram puts received pictures into Pictures/Telegram on the internal memory. It seems like the default gallery apps don't take nested image-containing directories. As Pictures only contained the default Sony dummy images I moved them away.
Stupidity no. 2: both the receiving and sending image directory of Telegram is named "Telegram" and guess what... Android does not like that. Only the first ist shown (sent images).
Stupidity no. 3: to work around that, I installed the emulated shell to make a symlink named "Telegram-Received". Aaaand that requires root access.
Goddammit Google! She just wants to see our couple selfies that I sent her in her gallery!6 -
Solo developers of devRant (not freelancers, sorry)
How do you handle being the one-man-army for your company?
How do you stay sane with no one by your side to bounce ideas off of, and to talk through problems with?
My partner was let go almost 2 years ago, leaving just me to deal with everything, and I'm at my breaking point. What do you do to keep yourself together when everything is crashing down around you, and you alone...3 -
These cloudways people are crazy. I tried a trial on them, only to learn that we don't get root access to the server which they never really mentioned anywhere.
Also, they hiked the price like 20℅ on starter plans, which again was only shown i logged in.
And this guy has been emailing me since last 2 weeks, telling how couldn't call them or contact me. I'm so glad. I never replied and he still emails asking for feedback!
I legitimately feel like I'm getting stalked.. :|
I'll give feedback , maybe 1000 years later! -
I was trying to setup a Confluence install on my root behind a Apache Proxy..
I tried all the Atlassian Configs, my own Configs, but nothing works for Tomcat. I redirects you to the infinities of universe. My Apache Configs are all correct.
If you access Confluence directly it also works.
Tomcat you Ass start playing nice with the proxy fucker!
I hate Tomcat now. Go die!1 -
Are native Android apps easier to write now than like back in KitKat days?
I need a app that gets root permissions and reads a db file of another app (Yes my phone is rooted).
Anyone can give a gist, I forget do I need to create a Service background worker to do the DB reads... Or just need to send the op to a bg thread with a UI callback sorta like Node...
I did try writing a ReactNative app maybe last year just to try it out but can't seem to easily get root access... And the SQLite package is buggy, couldn't npm install on Win10...14 -
Rubber ducking your ass in a way, I figure things out as I rant and have to explain my reasoning or lack thereof every other sentence.
So lettuce harvest some more: I did not finish the linker as I initially planned, because I found a dumber way to solve the problem. I'm storing programs as bytecode chunks broken up into segment trees, and this is how we get namespaces, as each segment and value is labeled -- you can very well think of it as a file structure.
Each file proper, that is, every path you pass to the compiler, has it's own segment tree that results from breaking down the code within. We call this a clan, because it's a family of data, structures and procedures. It's a bit stupid not to call it "class", but that would imply each file can have only one class, which is generally good style but still technically not the case, hence the deliberate use of another word.
Anyway, because every clan is already represented as a tree, we can easily have two or more coexist by just parenting them as-is to a common root, enabling the fetching of symbols from one clan to another. We then perform a cannonical walk of the unified tree, push instructions to an assembly queue, and flatten the segmented memory into a single pool onto which we write the assembler's output.
I didn't think this would work, but it does. So how?
The assembly queue uses a highly sophisticated crackhead abstraction of the CVYC clan, or said plainly, clairvoyant code of the "fucked if I thought this would be simple" family. Fundamentally, every element in the queue is -- recursively -- either a fixed value or a function pointer plus arguments. So every instruction takes the form (ins (arg[0],arg[N])) where the instruction and the arguments may themselves be either fixed or indirect fetches that must be solved but in the ~ F U T U R E ~
Thusly, the assembler must be made aware of the fact that it's wearing sunglasses indoors and high on cocaine, so that these pointers -- and the accompanying arguments -- can be solved. However, your hemorroids are great, and sitting may be painful for long, hard times to come, because to even try and do this kind of John Connor solving pinky promises that loop on themselves is slowly reducing my sanity.
But minor time travel paradoxes aside, this allows for all existing symbols to be fetched at the time of assembly no matter where exactly in memory they reside; even if the namespace is mutated, and so the symbol duplicated, we can still modify the original symbol at the time of duplication to re-route fetchers to it's new location. And so the madness begins.
Effectively, our code can see the future, and it is not pleased with your test results. But enough about you being a disappointment to an equally misconstructed institution -- we are vermin of science, now stand still while I smack you with this Bible.
But seriously now, what I'm trying to say is that linking is not required as a separate step as a result of all this unintelligible fuckery; all the information required to access a file is the segment tree itself, so linking is appending trees to a new root, and a tree written to disk is essentially a linkable object file.
Mission accomplished... ? Perhaps.
This very much closes the chapter on *virtual* programs, that is, anything running on the VM. We're still lacking translation to native code, and that's an entirely different topic. Luckily, the language is pretty fucking close to assembler, so the translation may actually not be all that complicated.
But that is a story for another day, kids.
And now, a word from our sponsor:
<ad> Whoa, hold on there, crystal ball. It's clear to any tzaddiq that only prophets can prophecise, but if you are but a lowly goblinoid emperor of rectal pleasure, the simple truths can become very hard to grasp. How can one manage non-intertwining affairs in their professional and private lives while ALSO compulsively juggling nuts?
Enter: Testament, the gapp that will take your gonad-swallowing virtue to the next level. Ever felt like sucking on a hairy ballsack during office hours? We got you covered. With our state of the art cognitive implants, tracking devices and macumbeiras, you will be able to RIP your way into ultimate scrotolingual pleasure in no time!
Utilizing a highly elaborated process that combines illegal substances with the most forbidden schools of blood magic, we are able to [EXTREMELY CENSORED HERETICAL CONTENT] inside of your MATER with pinpoint accuracy! You shall be reformed in a parallel plane of existence, void of all that was your very being, just to suck on nads!
Just insert the ritual blade into your own testicles and let the spectral dance begin. Try Testament TODAY and use my promo code FIRSTBORNSFIRSTNUT for 20% OFF in your purchase of eternal damnation. Big ups to Testament for sponsoring DEEZ rant.3 -
So apparently changing the root password on my embedded linux system from the default to anything else breaks ssh. The only error i get is, that the password has "expired".
Dis is gonna take a long time to figure out, cuz no system logger and only serial access...2 -
So, some of you know that I'm having struggle manipulating Youtube iframes with jquery or plain javascript, please note that the same thing can be done via YouTube API but I personally do not want to rely on API,
So after 2 days of struggling I've officially given up, I feel so fucking angry and sad at the moment I can't even describe.
For some solutions to work I need SSL certificates.
the closest I could get was $(iframe#youtubeiFrame)['content'];
This leads to the youtubeIframe root #document but I am unable to access that DOM
Next task, to configure another IDE except Eclipse for Demandware.
$options = array('Aptana'=>'IDE','IntelliJ=>'IDE','VSCode'=>'textEditor'); -
Me, trying to access an old mysql database on a Linux server, the root user gets rejected. Out of frustration I delete mysql entirely and try to start again.
I was not using sudo to access the root user...
In the bright side, the deleted mysql version was actually an old one, the database is actually fine.1 -
I usually work backwards trying to estimate time. Instead of asking "how long would it take me to do this?" I ask "could I get this done in X amount of time?" If the answer is yes, X-- and try again. This is how I get the absolute minimum amount of time I would need to get *something* done. Then I add a bit to that as a buffer.
-
Relatively often the OpenLDAP server (slapd) behaves a bit strange.
While it is little bit slow (I didn't do a benchmark but Active Directory seemed to be a bit faster but has other quirks is Windows only) with a small amount of users it's fine. slapd is the reference implementation of the LDAP protocol and I didn't expect it to be much better.
Some years ago slapd migrated to a different configuration style - instead of a configuration file and a required restart after every change made, it now uses an additional database for "live" configuration which also allows the deployment of multiple servers with the same configuration (I guess this is nice for larger setups). Many documentations online do not reflect the new configuration and so using the new configuration style requires some knowledge of LDAP itself.
It is possible to revert to the old file based method but the possibility might be removed by any future version - and restarts may take a little bit longer. So I guess, don't do that?
To access the configuration over the network (only using the command line on the server to edit the configuration is sometimes a bit... annoying) an additional internal user has to be created in the configuration database (while working on the local machine as root you are authenticated over a unix domain socket). I mean, I had to creat an administration user during the installation of the service but apparently this only for the main database...
The password in the configuration can be hashed as usual - but strangely it does only accept hashes of some passwords (a hashed version of "123456" is accepted but not hashes of different password, I mean what the...?) so I have to use a single plaintext password... (secure password hashing works for normal user and normal admin accounts).
But even worse are the default logging options: By default (atleast on Debian) the log level is set to DEBUG. Additionally if slapd detects optimization opportunities it writes them to the logs - at least once per connection, if not per query. Together with an application that did alot of connections and queries (this was not intendet and got fixed later) THIS RESULTED IN 32 GB LOG FILES IN ≤ 24 HOURS! - enough to fill up the disk and to crash other services (lessons learned: add more monitoring, monitoring, and monitoring and /var/log should be an extra partition). I mean logging optimization hints is certainly nice - it runs faster now (again, I did not do any benchmarks) - but ther verbosity was way too high.
The worst parts are the error messages: When entering a query string with a syntax errors, slapd returns the error code 80 without any additional text - the documentation reveals SO MUCH BETTER meaning: "other error", THIS IS SO HELPFULL... In the end I was able to find the reason why the input was rejected but in my experience the most error messages are little bit more precise.2 -
What would you recommend for an programming aprentice?
Dedicated server (DS) or shared hosting(SH)?
A DS is more expensive, but i could learn much more in Ops. Shared hosting is cheaper (and i already have a virtual one with access to root, but no sudo)...
- Greetings from switzerland.
PS i only choose swiss hoster ;)5 -
Passwordless Unix login leading to a console menu. You can then FTP in for free and remove ~/.login . Boom ! Shell access! And I already had a superuser access from another "dialog" asking to confirm a dangerous action with the superuser's password. Boom! Root access !!
-
It's really my fault for expecting a clear and decisive description of the product. Just like it's my fault for expecting someone to follow my clear and decisive instructions.1
-
What would you guys use to backup multiple mysql databases incrementally without root access. I've been just exporting the db through PMA but I'm switching everything to a version controlled system and would like to do the same for our databases.
Oh yeah and the reason I don't have root is we have cloud hosting which doesn't provide root access. I can't even run Yum.
Edit: grammar4 -
How to write programs on Android 10 that work with files/directories? Have used a number of JVM-based languages like Groovy, Clojure and Kotlin.
My last try was with Groovy. I ran it under Dcoder which has to be cloud-, based as it supports numerous languages. I gave it permission to access storage but got a file not found error from Java. Copied this excerpt for the file path.
import java.io.File
class Example {
static void main(String[] args) {
new File("/storage/emulated/0/read_file.grvy").eachLine {
line -> println "line : $line";
}
}
}
Do I need root? Do I need to change file permissions using Termux? Why can't I find a way to write simple software on a Motorola Super, 3 GB RAM and 8 cores? I hate using a phone for a computer but a seizure has me in a nursing home with only one usable hand.
Any help is greatly appreciated.5 -
What's the worst part about testing React components? Using the equivalent of fucking stone tools to do your component integration tests! We got errors with no context and errors with no stack trace, just spewing out bullshit! A sample:
The classic "Can't access .root on unmounted test renderer"
The unforgettable and ALWAYS visible "Warning: An update to YourShittyComponent inside a test was not wrapped in act(...)."
We do love it!
Top Tags
Weekly Rant
View