- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
I wonder if the Z and Y keys are switched on some keyboards thereby placing the Y next to the X... Anyone know?
Admin
Even with the explanation, I still don't really see the WTF. The hardware was being pushed to the limit? Maybe a WTF but not that interesting. The message saying that the line had been traced and the police were coming? Not a WTF.
This one isn't that good.
Admin
So let me get this straight: In the original WTF, the ports weren't being swapped at all? That detail was actually added by the Daily WTF editors to make it cooler than it really was? Wow, that is so lame.
Admin
Admin
Admin
more paula. More Paula. MORE PAULA.
Admin
Looks fine to me (Maxthon over IE 7).
Though I don't think it was done in C, probably a simple HTML page with some MIME type voodoo.
Admin
In the words of the Great Patrick Star...
Uhhhhh, I don't get it.
Admin
The port switch is a red herring. It was the interesting part, but the WTF was just the front desk support call. Not funny. They probably didn't actually figure out why the ports were being switched.
No. The HTTP GETs for cmd.exe are remote attempts to break into YOUR web server (assuming you're running an unpatched IIS). The other end doesn't care about the file; it cares about the few servers that actually execute cmd.exe locally when given that request.
Admin
In order to avoid running into the same problem, I switched my keyboard layout to Dvorak. As you can see, cy ,rpto l.pu.jyn;v
Captcha: jrbo.'gay (no kidding, and isn't "cy ,rpto" like "crypto"?)
Admin
Not a typo - my password is SWORDFISSH. The Real WTF is that the computer assumes that passwords have to be spelled right to be correct.
Admin
So the WTF is that the guy puts up with a bug that shuts down all the computers company wide every few months and just fixes the symptoms.
Yeah I can see that.
Admin
Maybe the wtf was that the printer and keyboard swapped ports? They inserted a piece of paper with the password on it then the keyboard's keys pressed themselves, spelling out "H-A-C-K A-T-T-E-M-P-T"
Admin
Admin
It would be odd enough to have the printer output the admin password (supposing it did). But I wonder whether the underscore on the paper blinked too
Admin
You know, I really miss that google spellcheck thing that goes: "did you mean 'swordfish'?", when using ssh, because you cant see the damned characters and it is really hard to get the password correct with this stupid qwertz keyboard!
Admin
So are we all on the same page now? The original story mentioned the strain on the hardware but neglected to mention that the result of that strain was the bumping up of the ports by one, which is why we were all confused.
And the WTF itself is not the punchline, but rather the bogus hacker message and the front desks (understandably) alarmed response to it. Class dimissed.
Admin
HOLY SWEET MOTHER OF JEEBUS!!! you used the <blink> tag!!!! YOU USED THE <BLINK> TAG!!!!! Don't you know every time a blink tag blinks God kills a kitten AND a puppy!!!!!!!!
Admin
Hahaha,
I find:
<blink wtf="sweet, an excuse to use the blink tag!">_</blink>
funny.
Mike
Admin
From the WTF version: "After some debugging, Andrew discovered the issue — some of the port numbers had shifted"
Just because you couldn't be trouble to read all the way through a rather wordy and boring WTF doesn't mean that he screwed it up entirely.
Admin
Correct on both counts. He is laughing because he looks at the logs and sees the number of times the program ran successfully, popping up that message box for some server admin to see (and have to click OK).
Admin
Admin
Admin
Yep! And i'll bet the wardialers got the front desk login, with no password prompt -- straight to a root shell.
Admin
I came across some code on a LiveJournal page that had lots of instances of <font shmolor="...">. Not quite sure what browser that was destined for?
Here: http://www.google.co.uk/search?q=font%20shmolor&hl=en
WTF..?
Admin
http://www.errorwear.com/picmonth-mar2002.php
Admin
I would be very surprised to learn that CMD.EXE requestors were doing anything at all with the response, much less executing any javascript in it.
Admin
I'd suspect that it was down to the true WTF - that the passwords were being used somewhere else, and doing control commands.
So "Fidelio" contains "DEL IO" - which would possibly delete/reconfigure all the I/O ports?
And "Swordfissh" contains "SSH" - thus the 'hack attack' ?
I dunno, but that's how I read it, anyway.
Admin
The Real WTF is that <blink> doesn't seem to work in Internet Explorer 7.
No sorry, the REAL WTF is that I'm using IE7!
Admin
It is on a German keyboard. Probably others as well.
Admin
Admin
you mean girls can be thought paedophiles too?
well, i never!
Admin
That's sickening. Where I live, programmers don't work when they're drunk...
You mean if I use the blink tag excessively, it will solve the urban dog sh** problem?
What use would God have for a blink tag? <blink>RTFB</blink>?
Admin
This story needs a better punchline:
"Juanita was coming in every night and unplugging the ports to connect her RS232-powered vacuum cleaner"
Admin
CAPTCHA: incassum. Sounds like an indian in a bad western. "Tie rope to waist incassum you fall."
Admin
As the author of the now semi-famous CMD.EXE, let my clarify some things.
It was written (well, "written") in VB6 and so yes, it consisted of nothing but MessageBox("F*** off!"), or whatever that statement looked like.
Though whoever mentioned it was probably right, the intruder wouldn't care about what the file really did, expexting it to execute on my machine with certain parameters anyway.
And yes, I'm using a QWERTZ keyboard.
Any no, I'm not attracted to boys. I'm attracted to boz's, but luckily nobody knows what they are ;)
Captcha: Latin for "to be".
Admin
i laughed when i saw the comment in the code for the underscore :) i thought to myself 'oh, thats cute, i wonder how they did that' only to find your comment in the wtf attribute...
Admin
Last!
Admin
Please make the bad flashing stop. Pleeeeeaaaaasee.
Admin
I think that is the only valid excuse to use blink tags: Simulated terminal cursor. In fact, I would venture to guess that such use was the sole reason it was even invented.
Admin
Admin
Admin
Cut me some slack, dammit, I was like fourteen ;)
Captcha: "aptent". Probably the opposite of a tent. Cloth in a hole or some such.
Admin
TRWTF is using the blink tag
Admin
Fidelio (the system referenced in this WTF, going from the impressively secure password) is pretty old, wonky, and may be kissing-cousins related to some DailyWTF articles. It would not surprise me in the slightest if Fidelio's port assignment routines borked under high loads (or frequent connect/disconnects from the terminals, which appears to be the case in this article.) I doubt that it was the mistyping of the passwords, but it's possible.
Admin
Last!
Admin
Not last!
Admin
[quote user="Martini"][quote user="TheRider"][quote user="mtu"]Kinda reminds me of how I used to place an executable file named cmd.exe onto my web server, which did nothing but pop up a message boy saying "F*** off!".
I laughed at every HTTP 200 this caused in my logs :D[/quote]
A "message boy"?!? WTF? [/quote] I dunno - I think I'll incorporate into my next app...
[image]Admin
[quote user="Martini"][quote user="TheRider"][quote user="mtu"]Kinda reminds me of how I used to place an executable file named cmd.exe onto my web server, which did nothing but pop up a message boy saying "F*** off!".
I laughed at every HTTP 200 this caused in my logs :D[/quote]
A "message boy"?!? WTF? [/quote]
Yes, a message boy. He was employed by the hotel.
Admin
Ignore him; I think that that is the ONLY good use for the <blink>blink</blink> tag.