untergrund.net news/updates/questions
category: general [glöplog]
el topo: done.
mch: Haven't received it. Are you still able to receive mail at that address? In this case I'll just send you a new password there.
@scamp: that's weird, anyway it's very old mailbox full of spam. you can try to send the new password on this mailbox or try instead my current one mch8580@gmail.com
Ok, mail address and password changed, check your mail.
Quote:
ggn: your registered mail address is ggn@hol.gr. Can you still access this? If you have both forgotten your password and lost access to your mail, I will need some other proof that you are you.
Sadly I don't have access to that email any more. And yup, password doesn't work anymore. What proof would you need?
Hey Scamp, wanna add SceneID support to Untergrund to stop dealing with lost passwords? :)
@scamp everything is working, thanks a lot :)
scamp: Thanks man.
Let's try another bump.
Scamp: Would sending you the email untergrund.net sent me when I registered count as proof?
Scamp: Would sending you the email untergrund.net sent me when I registered count as proof?
never trust a Greek guy who doesn't like Dutch kroketten!
you had a 50% chance but you blew it Dutch boi - better luck next time :)
Nehmt euch doch bitte ein Zimmer, ihr Süßen.
nur wenn du auch da bist, Sir Schnucki
すすれ: yeah, that would be OK
can't upload files to site:
http://256bytes.untergrund.net
Code:
403 Forbidden
You don't have permission to access /upload.php on this server.
http://256bytes.untergrund.net
That's something to ask the site's owner about.
who is site owner ?
https://www.pouet.net/user.php?who=59 is named at the bottom and quite active here.
seems no.
maybe this help
maybe this help
Code:
[Tue Jun 16 14:44:08 2020] [error] [client 95.47.199.134] PHP Warning: in_array() expects parameter 2 to be array, null given in /home/unet_homes/abarker/pubhtml/home.php on line 166, referer: http://256bytes.untergrund.net/submit.php
[Tue Jun 16 14:44:16 2020] [error] [client 95.47.199.134] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "MULTIPART_UNMATCHED_BOUNDARY" required. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_20_protocol_violations.conf"] [line "219"] [id "960915"] [rev "1"] [msg "Multipart parser detected a possible unmatched boundary."] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.6"] [maturity "8"] [accuracy "8"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_REQ"] [tag "CAPEC-272"] [hostname "256bytes.untergrund.net"] [uri "/upload.php"] [unique_id "Xui@n7lYPPIAAES-AZ8AAAAA"]
OK, that helped - it's caused by updated security rules.
Please retry.
Please retry.
scamp, it works. thank you
Yet another ping. Scamp, I sent the original registration email to hostmaster at untergrund dot net on the 6th of June. Did you receive it?
same issue wuth opload.php
error.log:
[Mon Jul 06 09:55:23 2020] [error] [client 95.47.199.134] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){4,}" at ARGS:tubevid. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "170"] [id "981173"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: - found within ARGS:tubevid: http://https://www.youtube.com/watch?v=kog-I_DqlnA"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "8"] [hostname "256bytes.untergrund.net"] [uri "/upload.php"] [unique_id "XwLY67lYPPIAAA5ODusAAAAJ"]
error.log:
[Mon Jul 06 09:55:23 2020] [error] [client 95.47.199.134] ModSecurity: Access denied with code 403 (phase 2). Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){4,}" at ARGS:tubevid. [file "/etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"] [line "170"] [id "981173"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: - found within ARGS:tubevid: http://https://www.youtube.com/watch?v=kog-I_DqlnA"] [ver "OWASP_CRS/2.2.6"] [maturity "9"] [accuracy "8"] [hostname "256bytes.untergrund.net"] [uri "/upload.php"] [unique_id "XwLY67lYPPIAAA5ODusAAAAJ"]
well, that DOES look pretty suspicious indeed...
すすれ: It would help if you could give me the username which is not weird unicode crap so I can find your registration... :)