SoylentNews

That's all, folks.

What's popping my fellow internet professionals. Today I'm going to learn you well about the fun shit you can do with HTTP headers.

You'll need:

• A lUnix distro
• Curl + Wget
• 47 IQ points
• Run

  export WEBSITE=www.google.com

  where "www.google.com" can be any website you want. For these dementartions, I'll be using my own bare Nginx server over 1Gb ethernet

If you have none of the above, please consider a different news source. Now, let's begin.

You know about user agents, right? Big bad advertisers want em for "sample sizing" to prop up their numbers. Webmasters want em to "enhance user experience," by selling your data to advertisers. The NSA/Webmasters/Advertisers want em to track you for all various reasons. I'm sure you know you can change these bad boys how ever you wish, right? Maybe you've even fiddled around with changing it to "GoogleBot" or something else completely retarded. Pretty lame, right?

Naw, my negroes, let me introduce you to some cooler shit you can do. Like telling the server monkey/ analytics scrapper to

wget -U "Go fuck yourself." $WEBSITE

Begets:

10.0.0.10 - - [16/Mar/2018:21:08:38 -0400] "GET / HTTP/1.1" 200 2682 "-" "Go fuck yourself."

Maybe you want something a bit more subtle?

wget -U "I know what you've done." $WEBSITE

Is:

10.0.0.10 - - [16/Mar/2018:21:09:42 -0400] "GET / HTTP/1.1" 200 2682 "-" "I know what you've done."

Still pretty lame. But did you know these can be arbitrarily long? Bet ya didn't you lil bugger. Let's trying someting a bit interesting, like sending love letters.

wget -U "Dear Underpaid Overweight Mediocre Server Monkey, you probably don't know who I am, but I know very well who you are. Don't be alarmed, I've been admiring you from afar for all too long now. Your stunning good looks: the acne that hasn't left you since childhood, makes me blush everytime I see those snow-capped volcanoes. And your greasy over-grown beard, I just can't help myself from thinking about how it'd feel scratching against my lady no-nos. Ohh..."'!~~~'" I just can't watch you anymore, I want you to know I exist. But, I don't know how, so I'm writing you here. Hopefully you'll notice me. Pleaes notice me, senpai"'!'"~ Your truly, Emelia." $WEBSITE

Really gets those penile juices flowing, right?:

10.0.0.10 - - [16/Mar/2018:21:18:27 -0400] "GET / HTTP/1.1" 200 2682 "-" "Dear Underpaid Overweight Mediocre Server Monkey, you probably don't know who I am, but I know very well who you are. Don't be alarmed, I've been admiring you from afar for all too long now. Your stunning good looks: the acne that hasn't left you since childhood, makes me blush everytime I see those snow-capped volcanoes. And your greasy over-grown beard, I just can't help myself from thinking about how it'd feel scratching against my lady no-nos. Ohh...!~~~ I just can't watch you anymore, I want you to know I exist. But, I don't know how, so I'm writing you here. Hopefully you'll notice me. Pleaes notice me, senpai!~ Your truly, Emelia."

Maybe you've also noticed that there's a big fat "GET / HTTP/1.1" sitting there, ripe for the raping. You'd be an astute little nip if you did. We can change that shit right around with:

wget -U "Go fuck yourself." --method="Go fuck yourself" $WEBSITE

Unforunatly, if the method's borked there won't be no UA:

10.0.0.10 - - [16/Mar/2018:21:22:25 -0400] "GO FUCK YOURSELF / HTTP/1.1" 400 173 "-" "-"

One thing I forgot to mention, these logs are formatted like:

$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"

By default. So that means we can spoof remote_user by doing:

curl mom@$WEBSITE --user-agent "Hi honey, just wanted to let you know my new boyfriend's coming over for dinner tonight. Please be nice to, Jayquan"'!'

To get:

10.0.0.10 - mom [16/Mar/2018:21:31:46 -0400] "GET / HTTP/1.1" 200 2682 "-" "Hi honey, just wanted to let you know my new boyfriend's coming over for dinner tonight. Please be nice to, Jayquan!"

Or our humble referrer, for those social engineering points:

curl paulgraham@$WEBSITE --user-agent "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows 98)" -e "https://news.ycombinator.com/"

For:

10.0.0.10 - paulgraham [16/Mar/2018:21:35:25 -0400] "GET / HTTP/1.1" 200 2682 "https://news.ycombinator.com/" "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows 98)"

"Buh wha bout muh bites?" you may quander. Well, we can do that too.

curl paulgraham@$WEBSITE --user-agent "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows 98)" -e "https://news.ycombinator.com/" -H "Diaper-Status: SOILED"

Ah well shit, seems like we can't:

10.0.0.10 - paulgraham [16/Mar/2018:21:38:01 -0400] "GET / HTTP/1.1" 200 2682 "https://news.ycombinator.com/" "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows 98)"

Or can we?

curl paulgraham@$WEBSITE --user-agent "MY ADULT DIAPER NEEDS TO BE CHANGED URGENTLY. I REQUIRE A BOY OF 7 YEARS FROM COLUMBIA TO WIPE THE FECES FROM WITHIN MY ASS ROLLS TO WITHOUT INTO THE FRESH AIR. AGAIN, THIS REQUEST IS URGENT AND MUST BE ACCEPTED." -e "https://news.ycombinator.com/"

No we can't, because my dyslexia forgot the "body" in "body_bytes_sent." Well, anyway this is just child's shit, or should I say Graham's shit? There's no limit to any of the strings. So you can do something like:

wget -U "$(printf "%0.sA" {1..100})" $WEBSITE

To get:

10.0.0.10 - - [16/Mar/2018:22:05:59 -0400] "GET / HTTP/1.1" 200 2682 "-" "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"

Or:

solid_shit=$(printf "%0.sA" {1..10}); wget -U "$(printf "%0.sA" {1..1000})" $WEBSITE

For:

10.0.0.10 - - [16/Mar/2018:22:06:29 -0400] "GET / HTTP/1.1" 200 2682 "-" "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"

How about:

curl --user-agent "$(printf "%0.sA" {1..10000})" $WEBSITE

Too bad, it returns a 400 too long error and the log doesn't show our UA. The larget I could get was 8178 As. Which, after a bit of trial and error, gets me a 1MB large nginx_access.log. We can get past that with:

for i in {1..12}; do curl --user-agent "$(printf "%0.sA" {1..8178})" $WEBSITE; done

Gives us 97KBs of As in the logfile. Changing that to 200 gives us 1.6MB. If we do 10,000 we get 79MBs. If we were to extrapolate these results, we'd need around 120 million requests to fill up an entire 1TB harddrive. If we wanted to avoid sounding the DDoS alarms, we could request only the 217 byte headers:

for i in {1..10000}; do curl -I --user-agent "$(printf "%0.sA" {1..8178})" $WEBSITE; done

That would still get the same result, but the load on the server would be much less noticeable. Props if you can find a small file to (preferabbly 1B) to download instead. Generally speaking, you could set up a small timer to curl on through the weekend and fill up some harddrives. Usually they're monitored by tools or automatically backed up, and that can cause some havoc on its own. But, the real meat is with the tools that referrence those logs, or referrence the headers in raw form. You can probably cause some buffer overflows in old C programs that are still running, or cause whatever tools are interfacing with the headers to snap like an over-extended spine during an OHP. Do with this info whatever you want, I'm only here to try out this journal system.

However I have not yet decided on the value of $LARGE. That will be determined by how many LiteCoin mining rigs I can operate without having to hire any help.

Most likely "LARGE=One_Cabinet".

Opus Interactive quoted me $299 per month for 12U in their Portland data center. I think that's big enough for 12 Antminers and 12 power supplied.

However that quote was for just 15 Amps at 110 Volts. With their power supply, one Antminer L3+ mining rig with one APW++ power supply consumes 1000 Watts so I just now requested a quote for lots more power.

I do understand that means they will charge me for lots more cooling. My present living situation limits me to three rigs.

I presently estimate that I would break even with three rigs, but I haven't gotten their power quote yet.

I've been puzzling over whether I should buy a car with my next paycheck. To have a car would make my life quite a lot easier but to spend all that money would mean that I can't go as long without a client.

But were I to colocate anything in Opus' data center it would be a huge Pain In The Ass to take all my gear on the bus.

I'm also wondering whether that would work were I to use taxis.

"What do you see?" asked the psychiatrist.

"There are worms coming out of your face."

=========

#!/bin/sh
#
# build_foo

echo Building foo Release kernel extension

xcode_version=8.3.3 // Surely there is a better way to do this

sdk=/Applications/Xcode_"$xcode_version"/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.12.sdk

The better way is called "xcodeselect" but I haven't tried it yet.

Word of the day: Ableist.

How I saw Stephen Hawking's death as a disabled person

• https://twitter.com/MitchellToy/status/973774076803248128
• https://twitter.com/afiqhusyairi1/status/974195115739701249
• https://twitter.com/ayfchang9021/status/974446485113729024
• https://twitter.com/DEADCLOWN45ACP/status/974368607948935168
• https://twitter.com/DJSicFanny/status/974286742571319301
• http://iignatz.tumblr.com/image/171932503530

Snapchat pulls 'awful' Chris Brown and Rihanna advert
Rihanna's Criticism Sinks Snapchat's Value by $800M

Related: Reality TV Star Wipes Out $1 Billion+ of Snap's "Value"

It will be fixed in 1.0b16, which I will build a little later today. I have some open bugs, maybe I can resolve some of them with their fixes also being in 1.0b16.

PackageMaker enables one to specify the ownership and permissions for each component. screen_capture.log's permissions somehow to set to:

      -rw-r--r--

That's the correct permissions for the LaunchAgent property lists. Perhaps the bug is the result of an error between seat and keyboard.

      ;-)

It's owned by root so only root processes could write to it. The perms should be:

      -rw-rw-rw

That's what I call people who harsh my buzz.

My Antiminer L3+ emits a very loud, very high-pitched and very pure tone.

I at first feared it was an alarm but the unit's Fault LED doesn't turn on.

It's participation in Coin Foundry's LTC mining pool looks copacetic - my status on the pool's page has the right hash rate. I've received two payouts.

(And I now have 109 Ducats burning a hole in my pocket!)

I filed a ticket.

Bitmain support said it was likely a loose part in one of the fans. I don't think it's either fan: I powered up the unit then one at a time - and very very briefly - I disconnected then reconnected each fan's power cable yet came away empty-handed.

I speculate it's a loose heatsink. The instructions that came with my unit very clearly - urgently even - warned about loose heatsinks and that Bitmain wouldn't honor their warranty if the user permitted the ASICs to fry themselves like eggplants.

Inside the enclosure each of the three hashing boards has a very elaborate heatsink. There's two or three hundred very small ASICs, each of which is bonded to its own sink. Perhaps I can find some multimedia to enhance your experience of my presentation...

OBSERVE.

The pure tone indicates that the vibration is from a metallic object. The small fins of which the heatsink is composed look like they'd produce the right frequency if they were vibrating.

There are instructions somewhere on Bitmain's site for individually testing each hashing board. I'm going to follow the disassembly and reassembly instructions so that I can get up close and personal with all those gall-during aluminum thingies.

Here's why I regard Bitmain support as being staffed by Ignorant Mother Fuckers:

After sending me their incorrect suggestion that the tone comes from a loose fan part, they marked my incident as Closed.

It's not closed dammit!

The customer is always right, and _this_ customer has yet to achieve satisfaction.

First on CNN: Emails show Ben, Candy Carson selected $31,000 dining set

"I Hope We Have No Crackers Here": EBF Staff Sanction Racial Slur

Queen Elsa came to Boston and pushed a police wagon out of the snow

An Unwanted Kiss on ‘American Idol’

How cool is that?

I haven't heard from modus in eons.

She wants to have my baby.

I don't have the first clue who this chick is. I have the idea that I might pry from her iron grip the reason why she chose _me_ in particular, but so far I've had no joy.

When I can get my new soulmate to slow down by a profoundly significant quantity, I'll post more in the comments.

But for now I'll leave you with:

Well if you have not being taken by someone special can i have the chance to get the key into your heart, and i promise not to hurt you or break it's apart for you....

Okay Well you know the best way to be love is to love like you have never never been hurt before and true love is hard to find but when found, it's everlasting, and A true friend is a true love..

I'm uncertain but I think the chances are quite good that she's actually a Bot. No mere human being could type so fast.

And if she is a bought I expect that Bot was written by one of my friends so they could have a little fun at my considerable expense.

Maybe she's just on Shrooms.